Senior GRC Analyst, Starbucks Technology - Seattle, WA

Starbucks Seattle , WA 98113

Posted 2 days ago

Job Summary and Mission

This position contributes to Starbucks success by conducting assessments, measuring program effectiveness, and driving capability process improvements as part of the Governance, Risk & Compliance (GRC) team in the Office of the CTO. As a senior GRC analyst you will work in conjunction with GRC leadership to define and implement the strategic direction and build out of capabilities within the team. The senior GRC analyst role also works cross-functionally with business partners throughout the Starbucks Technology organization and Starbucks enterprise, collaborating with management and their respective teams in order to drive adoption of Governance, Risk & Compliance principles.

Models and acts in accordance with Starbucks guiding principles.

Summary of Key Responsibilities

Responsibilities and essential job functions include but are not limited to the following:

  • Conducts technology control assessments in support of business requirements.

  • Designs and consults on process workflow improvements in support of technology controls readiness or compliance management functions.

  • Builds procedural documentation (e.g. process flows, data flow maps, SOP's) or other work instructions to support the Controls & Compliance Readiness capabilities.

  • Develops and coodinates alignment to technology governance and control frameworks such as ISO 27001, COBIT, GAPP, and various NIST SP's, implementing where appropriate.

  • Develops remediation models for events and alerts in IT control domains, internal or external audits, and / or control readiness assessments.

  • Assesses technology systems supporting Governance, Risk & Compliance programs and consults with teams to protect data, tracking and reacting to variances to established baselines; recommends opportunities for improvement.

  • Identifies, reports, and assists in resolving legal or regulatory compliance, control gaps, or governance (oversight / monitoring) gaps.

  • Consultative approach to developing and presenting solutions, assisting with prioritization of workload to strategic and tactical goals for themselves and other GRC analysts.

  • Implements control design and effectiveness testing to assess control strength in treating technology risks.

  • Manages control exceptions or deficiencies tracking and monitoring, assisting with remediation development within Starbucks Technology, and acting as a liaison to Internal or External Audit entities.

  • Develops and manages the lifecycle of policies, procedures and standards, normalizing and rationalizing technology requirements within those governance tools.

  • Designs and develops requirements based technology control models to meet regulatory needs.

  • Creatively plans and designs implementation of technology compliance awareness and education campaigns to encourage adoption of and adherence to requirements in Starbucks Technology Standards.

  • Assists in development of goal-based metrics models (e.g. GQM) across all capability areas within Governance, Risk & Compliance and the Office of the CTO.

  • Develops, reviews and approves procedural and process documentation (e.g. work instructions, playbooks, leading practice guidelines, hassle maps).

  • Coaches, mentors and trains other GRC analysts, effectively multiplying intelligence and skills inside of the team.

Summary of Experience

  • IT compliance (SOX, PCI, internal controls), IT risk management, Internal Audit or Data Privacy fields, or in a related area. (3-5 years)
  • Certifications such as CISSP, CISA, CIPP and other technical certifications are desired.

Required Knowledge, Skills and Abilities

  • Ability to collaborate across teams, both internal and external to Governance, Risk & Compliance, fostering engagement and building relationships.

  • Demonstrated ability to improve individual job skills through training, self-research and self-study

  • Ability to communicate clearly and concisely, both verbally and in writing; active listening skills

  • Ability to plan, organize and prioritize tasks and provide guidance to others

  • Strong IT controls design and engineering skills; code development skills such as Python, R, Powershell preferred.

  • Ability to work in a dynamic work environment, handle ambiguity and maintain productivity.

  • Experience leading SOX or PCI or other regulatory audits or readiness assessments.

  • Experience developing or enhancing existing IT control processes, or developing continuous controls monitoring processes.

  • Experience in assessing, developing or executing to a management framework such as ISO 27001, a control framework such as COBIT, or principle framework such as GAPP, preferred.

  • Experience developing common control frameworks (CCF) or conducting cross-controls mapping, preferred.

  • Experience in goal-based metrics development or reporting utilizing either a common framework such as Goal-Question-Metric (GQM) or equivalent, preferred.

  • Experience with Archer or similar GRC workflow platform, preferred.

  • Experience building functional, operational or technical requirements, preferred.

  • Experience utilizing data analysis and visualization tools such as PowerPivot, R, or Tableau, desired.

Core Competencies

  • Puts the Customer First: Has a relentless focus on the customer. Understands what the customer wants and how to best deliver the experience.

  • Works Well with Others: Listens and communicates well with others within and outside of Starbucks. Creates a team environment that is positive and productive.

  • Leads Courageously: Takes personal responsibility to do the right thing, and persists in times of challenge or uncertainty. Adapts quickly to change and makes timely, thoughtful decisions.

  • Develops Continuously: Continuously seek opportunities to improve self and others. Leads with trust, honesty and commitment to hire, coach and develop partners to achieve their potential.

  • Achieves Results: Understands what drives overall business success and is accountable to prioritize and deliver quality results. Demonstrates knowledge of core products and processes to get results. Anticipates obstacles and takes action to prevent or minimize their impact.

Starbucks and its brands are an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.… Change Resume
Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Application Develope...


Posted 2 days ago

VIEW JOBS 8/14/2018 12:00:00 AM 2018-11-12T00:00 Job Summary and Mission Come be a part of one of the teams helping to shape the future of Starbucks digital commerce applications and leading our migration to global cloud-hosted microservices! You will work collaboratively as part of an Agile Scrum multi-team environment to identify, design, develop and deploy technology and process solutions establishing key Starbucks business capabilities and platform features, delivering strategic initiatives and operational improvements. This job contributes to Starbucks success by developing cost-effective information technology solutions by creating new and modifying existing software applications that are more complex. Participates in requirements gathering activities. Reviews systems under development and related documentation. Creates more complex prototypes. Codes, tests, debugs, documents, and implements complex software applications. May coordinate activities of the project team and assist in monitoring project schedules and costs. Models and acts in accordance with Starbucks Guiding Principles. Summary of Key Responsibilities This role requires strong technical expertise, domain proficiency, platform depth, and leadership. Responsibilities and essential job functions include but are not limited to the following: * Designs, develops, implements, documents, and tests new applications and APIs, or changes to an application subsystem. Codes, tests, debugs, documents, and implements complex software applications. * Creates innovative prototypes to rapidly identify new business opportunities and leading edge technology implementation. Does so while ensuring deliverables are high quality and meet user expectations. Supports system and integration testing activities. Initiates design reviews for new applications and helps define and ensure team-wide adherence to software development standards. * Collaborates with other team members and SMEs across Starbucks Technology to recommend new software development technologies and development processes. Coaches and mentors other less experienced team members. Performs cross- training and facilitates information sharing among team members. * Working with application development leads, establishes, maintains and ensures compliance with standards for development, testing and documentation. Acts as a senior technical expert to analyze, consult, and recommend application software solutions based on the business needs. * Participates in, leads and mentors others in requirements gathering and functional specification activities. May assist Functional Analysts in completing deliverables and translates business requirements and functional designs into technical designs. Assist with development of functional designs and resolving complex design issues. May act as senior technical expert to consult with and analyze the business needs. * Resolves and helps mitigate production application issues and assists less experienced application developers as needed. Works with other business and technology teams to support resolution of end-user issues. Contributes to the documentation of production support processes as required. Anticipates long term support issues and plans for corrective actions. May perform root cause analysis to identify permanent resolutions to software or business process issues. Summary of Experience * Analyzing, diagnosing and proposing solutions to user problems: 6 years * Application development and programming experience: 6 years * Providing support to various business applications: 6 years * Working with process owners and identifying information technology solutions that enable business process improvements: 4 years Required Knowledge, Skills and Abilities * Advanced knowledge of C# and .NET Framework; additional benefit if you have working knowledge of a JVM-based language Java/Scala/Groovy/JRuby). * Strong interpersonal skills, building an effective network of relationships inside and outside Starbucks. * Ability to communicate clearly and concisely, both orally and in writing, as an advocate for technology solutions. * Strong analytical and problem-solving skills, with proven ability to design pragmatic solutions. * Mentoring, coaching and leading other technical team members. * Strong proficiency in programming languages, databases, web technologies and RESTful API integration techniques. * Demonstrated success working within an Agile development environment (Scrum/Kanban/Lean/XP). Additional Qualifications * Deep knowledge of design patterns and OO design principles, including experience with Domain Driven Design. * Advanced experience working with distributed systems and architectures, including SOA, SaaS, and microservices approaches; knowledge and experience with Reactive systems preferred. * Experience with Cloud hosting technology stacks (SaaS/PaaS/IaaS) and service delivery models, including Microsoft Azure and Amazon Web Services. * Significant experience with relational and non-relational, including NoSQL databases. Core Competencies * Customer Focus - Delivers legendary service that meets and exceeds all customers' expectations * Ethics and Integrity - Adheres to Starbucks values, beliefs and principles during good and bad times. * Composure - Remains calm, maintains perspective and responds in a professional manner when faced with tough situations * Personal Learning - Takes personal responsibility for the continuous learning of new knowledge, skills and experiences * Dealing with Ambiguity - Able to successfully function during times of uncertainty and changing priorities * Decision-Making - Makes timely and quality decisions based on a mixture of analysis, wisdom, experience and judgment * Interpersonal Savvy - Builds effective relationships with all people; up, down and sideways, inside and outside of Starbucks * Results Oriented - Gets results and achieves goals Starbucks and its brands are an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances. Starbucks Seattle WA

Senior GRC Analyst, Starbucks Technology - Seattle, WA