Senior GRC Analyst, Starbucks Technology - Seattle, WA

Starbucks Seattle , WA 98113

Posted 3 weeks ago

Job Summary and Mission

This position contributes to Starbucks success by conducting assessments, measuring program effectiveness, and driving capability process improvements as part of the Governance, Risk & Compliance (GRC) team in the Office of the CTO. As a senior GRC analyst you will work in conjunction with GRC leadership to define and implement the strategic direction and build out of capabilities within the team. The senior GRC analyst role also works cross-functionally with business partners throughout the Starbucks Technology organization and Starbucks enterprise, collaborating with management and their respective teams in order to drive adoption of Governance, Risk & Compliance principles.

Models and acts in accordance with Starbucks guiding principles.

Summary of Key Responsibilities

Responsibilities and essential job functions include but are not limited to the following:

  • Conducts technology control assessments in support of business requirements.

  • Designs and consults on process workflow improvements in support of technology controls readiness or compliance management functions.

  • Builds procedural documentation (e.g. process flows, data flow maps, SOP's) or other work instructions to support the Controls & Compliance Readiness capabilities.

  • Develops and coodinates alignment to technology governance and control frameworks such as ISO 27001, COBIT, GAPP, and various NIST SP's, implementing where appropriate.

  • Develops remediation models for events and alerts in IT control domains, internal or external audits, and / or control readiness assessments.

  • Assesses technology systems supporting Governance, Risk & Compliance programs and consults with teams to protect data, tracking and reacting to variances to established baselines; recommends opportunities for improvement.

  • Identifies, reports, and assists in resolving legal or regulatory compliance, control gaps, or governance (oversight / monitoring) gaps.

  • Consultative approach to developing and presenting solutions, assisting with prioritization of workload to strategic and tactical goals for themselves and other GRC analysts.

  • Implements control design and effectiveness testing to assess control strength in treating technology risks.

  • Manages control exceptions or deficiencies tracking and monitoring, assisting with remediation development within Starbucks Technology, and acting as a liaison to Internal or External Audit entities.

  • Develops and manages the lifecycle of policies, procedures and standards, normalizing and rationalizing technology requirements within those governance tools.

  • Designs and develops requirements based technology control models to meet regulatory needs.

  • Creatively plans and designs implementation of technology compliance awareness and education campaigns to encourage adoption of and adherence to requirements in Starbucks Technology Standards.

  • Assists in development of goal-based metrics models (e.g. GQM) across all capability areas within Governance, Risk & Compliance and the Office of the CTO.

  • Develops, reviews and approves procedural and process documentation (e.g. work instructions, playbooks, leading practice guidelines, hassle maps).

  • Coaches, mentors and trains other GRC analysts, effectively multiplying intelligence and skills inside of the team.

Summary of Experience

  • IT compliance (SOX, PCI, internal controls), IT risk management, Internal Audit or Data Privacy fields, or in a related area. (3-5 years)
  • Certifications such as CISSP, CISA, CIPP and other technical certifications are desired.

Required Knowledge, Skills and Abilities

  • Ability to collaborate across teams, both internal and external to Governance, Risk & Compliance, fostering engagement and building relationships.

  • Demonstrated ability to improve individual job skills through training, self-research and self-study

  • Ability to communicate clearly and concisely, both verbally and in writing; active listening skills

  • Ability to plan, organize and prioritize tasks and provide guidance to others

  • Strong IT controls design and engineering skills; code development skills such as Python, R, Powershell preferred.

  • Ability to work in a dynamic work environment, handle ambiguity and maintain productivity.

  • Experience leading SOX or PCI or other regulatory audits or readiness assessments.

  • Experience developing or enhancing existing IT control processes, or developing continuous controls monitoring processes.

  • Experience in assessing, developing or executing to a management framework such as ISO 27001, a control framework such as COBIT, or principle framework such as GAPP, preferred.

  • Experience developing common control frameworks (CCF) or conducting cross-controls mapping, preferred.

  • Experience in goal-based metrics development or reporting utilizing either a common framework such as Goal-Question-Metric (GQM) or equivalent, preferred.

  • Experience with Archer or similar GRC workflow platform, preferred.

  • Experience building functional, operational or technical requirements, preferred.

  • Experience utilizing data analysis and visualization tools such as PowerPivot, R, or Tableau, desired.

Core Competencies

  • Puts the Customer First: Has a relentless focus on the customer. Understands what the customer wants and how to best deliver the experience.

  • Works Well with Others: Listens and communicates well with others within and outside of Starbucks. Creates a team environment that is positive and productive.

  • Leads Courageously: Takes personal responsibility to do the right thing, and persists in times of challenge or uncertainty. Adapts quickly to change and makes timely, thoughtful decisions.

  • Develops Continuously: Continuously seek opportunities to improve self and others. Leads with trust, honesty and commitment to hire, coach and develop partners to achieve their potential.

  • Achieves Results: Understands what drives overall business success and is accountable to prioritize and deliver quality results. Demonstrates knowledge of core products and processes to get results. Anticipates obstacles and takes action to prevent or minimize their impact.

Starbucks and its brands are an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Software Development Engineer In Test (Sdet) Analyst Starbucks Technology Seattle WA


Posted 3 days ago

VIEW JOBS 10/13/2018 12:00:00 AM 2019-01-11T00:00 Position Summary and Team Mission This position is a unique opportunity for a strong, quality focused engineer to help build, ensure quality and ship the next generation Starbucks commerce platform. The team you will be joining is building a cloud hosted platform utilizing true microservice and reactive design principals to support the full suite of Starbucks retail, mobile, and online experiences. This role is focused on testing the integration and interactions between the components of this new platform as a whole as well as with existing Enterprise services feeding data into it. You will fully own the quality of your platform areas by defining what needs to be tested, developing/extending test frameworks, developing automated tests, and driving issues you identify to the appropriate resolution. Key Responsibilities * Analyze upcoming platform feature and service integrations for needed test coverage * Creating test plans and test cases needed to ensure the quality of these features * Developing automated tests and any test frameworks/extensions needed to support new cases * Ensuring that automated tests are integrated and execute reliably in our CI/CD environments * Analyzing daily test results for failures and filing appropriate defects * Contribute test library and framework code to feature teams wherever applicable * Work between platform feature teams and across integration partners to ensure that defects your tests identified are properly prioritized and driven to resolution Required Knowledge, Skills and Abilities * Strong interpersonal skills * Strong ability to collaborate and work across teams and disciplines * Strong software design and test methodology knowledge and abilities * Ability to communicate clearly and concisely, both verbally and in written forms * Ability to understand and analyze complex problems and break them into small solvable pieces * Ability and strong desire to learn new languages, frameworks, tools and platforms quickly Required Experience * Experience in a software QA role (5 years) * Experience developing robust test automation (4 years) * Experience developing automated tests in an OOP language (2 years) * Experience working in engineering teams using agile methodologies (2 years) * Experience testing REST APIs (1 years) * Experience testing cloud hosted services (1 years) * BA/BS or higher degree in Computer Science, Information Technology, or equivalent experience Strongly Desired * Experience developing automated tests for microservices * Experience developing integrated tests between components and across domains * Experience developing test automation in Java or Scala * Experience developing automated tests using or executing on Amazon Web Services (AWS) and Docker containers * Experience utilizing Cassandra, Akka or Kafka * Experience working in a production DevOps team Starbucks and its brands are an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances. Starbucks Seattle WA

Senior GRC Analyst, Starbucks Technology - Seattle, WA