Cybersecurity Analyst Senior - Governance, Risk, and Compliance

Security Analyst | Full Time | Remote | Senior | Team 10,001

Location: United States
Posted: 2 days ago
Salary: $106K - $201K / year
Seniority: Senior

GRC, PCI DSS, SOC 2, ISO 27001, NIST CSF, Risk Management, Compliance, Audit, Project Management, Stakeholder Management

Job Description

Now Brewing – Cybersecurity Analyst, Sr. – Governance Risk & Compliance! #tobeapartner

From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.


Are you passionate about leading complex technical initiatives that strengthen our security posture and protect our partners, customers and brand? As a Cybersecurity Analyst, Sr. on the Cybersecurity Project Management team, you will drive high-impact, cross-functional programs and initiatives that deliver governance, risk and compliance and risk-mitigation capabilities across the enterprise.


You bring clarity to ambiguity, create structure in fast-moving environments and execute with precision. This role requires a strategic thinker who is deeply hands-on, capable of guiding programs from initial concept through planning, execution, deployment and successful closeout. You will partner closely with engineering, security and business teams to translate cybersecurity compliance requirements into actionable plans that deliver measurable outcomes and reduce organizational risk.  

 

As a Cybersecurity Analyst, Sr, you will…

  • Lead large-scale, highly complex cybersecurity, infrastructure and governance, risk and compliance (GRC) initiatives from concept to delivery, coordinating across multiple teams and regions.
  • Translate complex technical, security and compliance challenges into structured, actionable project plans, ensuring alignment and coordination across cross-functional delivery teams.
  • Drive execution with rigor and attention to detail, while maintaining strong governance and risk management practices.
  • Communicate with executive presence, delivering crisp updates and influencing decision-making across all levels of the organization.
  • Develop and execute organizational change management plans – including communication strategies, readiness assessments, stakeholder engagement and training coordination across multiple concurrent projects.  
     

We’d love to hear from people with:

  • 10+ years of analyst or program/project management experience, including 3+ years leading and supporting governance, risk and compliance programs within large or highly regulated organizations.
  • Proven success managing large, cross-functional programs with multiple workstreams and global stakeholders.
  • Familiarity with GRC processes and frameworks including PCI DSS, SWIFT, SOC 2, ISO 27001/27002, NIST CSF, and broader enterprise risk management practices.
  • Experience managing deployment and integration of technical or security solutions across global environments, ensuring alignment with enterprise controls, standards and audit/compliance requirements.
  • Hands-on experience supporting compliance initiatives (e.g. evidence collection, control validation, remediation planning, reporting), with the ability to translate requirements to actionable delivery plans.  
  • Strong organizational skills and a proactive, execution-focused mindset, with a track record of driving clarity, managing risk, and delivering results in fast-paced or ambiguous environments.  
  • Ability to anticipate compliance risks, identify control gaps, and partner with engineering, security and audit teams to ensure effective remediation and sustainable control posture.  
  • Experience applying organizational change management (OCM) frameworks (e.g. ADKAR, Prosci) across technical, security or compliance-driven initiatives.

 

As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools.  Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities.  You will also have access to backup care and DACA reimbursement.   Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com 

*If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above.  For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles director and above. 

 

The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity.  At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate. 

 

 

Join us and inspire with every cup. Apply today! 

Starbucks Coffee Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or protected veteran status, or any other characteristic protected by law.  

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances. 
 
Starbucks Coffee Company is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at applicantaccommodation@starbucks.com or 1(888) 611-2258.  

Benefits

  • Access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits.
  • Short-term and long-term disability, paid parental leave, family expansion reimbursement.
  • Paid vacation from date of hire, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year.
  • Participation in a 401(k) retirement plan with employer match.
  • Discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools.
  • 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan.
  • Access to backup care and DACA reimbursement.
  • Compliance with applicable state and local laws regarding employee leave benefits.
