Job Specifications
Now Brewing - cybersecurity engineer senior, Identity Lifecycle and Authentication Services! #tobeapartner
From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.
This role contributes to Starbucks' success by implementing and continuously enhancing enterprise-wide Identity and Access Management (IAM) solutions that ensure secure, compliant, and efficient access to systems and data.
A successful Senior Cybersecurity Engineer on the Identity and Access Management (IAM) team at Starbucks is a hands-on technical professional with deep expertise in identity lifecycle, authentication, and authorization services. You thrive in a fast-paced, collaborative environment and are passionate about building secure, scalable identity solutions that deliver exceptional user experiences while meeting enterprise-grade security standards. You bring senior-level expertise in at least two key areas such as automated Identity Lifecycle Management (ILM) for workforce and B2B, modern authentication technologies like FIDO2/WebAuthn, Cloud and/or Directory Services, and Privileged Access Management (PAM). This broad technical foundation allows you to design and implement robust identity solutions that support both Legacy and cloud-native environments, advancing Starbucks' Zero Trust strategy and secure workforce enablement.
In this role, you will contribute to the design and delivery of a resilient, enterprise-scale identity platform that supports Starbucks' global workforce and trusted external partners. Partnering with cross-functional teams, you will implement advanced identity capabilities such as hybrid authentication, automated identity lifecycle orchestration, and adaptive access controls using protocols like Continuous Access Evaluation Protocol (CAEP).
You will also contribute to the evolution of Starbucks' Zero Trust architecture by applying technologies such as Just-In-Time (JIT) provisioning, SCIM for standardized identity data exchange, Identity Governance and Administration (IGA) platforms for access certification and role-based controls, and modern identity protocols and frameworks such as CTAP for user authentication and FIDO Device Onboarding (FDO) for secure device provisioning. This is a unique opportunity to shape secure digital access at scale while delivering intelligent, seamless, and compliant identity experiences across a dynamic enterprise environment.
As a cybersecurity engineer senior, Identity Lifecycle and Authentication Services, you will...
Deploy and maintain identity services that support authentication, authorization, and lifecycle management across cloud and on-prem environments.
Contribute to the design and enforcement of Zero Trust principles across identity workflows.
Conduct technical evaluations, proof-of-concepts, and vendor assessments for identity-related tools and services.
Support the integration of technologies such as IGA, adaptive access controls and risk-based authentication mechanisms into Starbucks' identity ecosystem.
Configure and implement identity solutions using protocols and standards such as SAML, OAuth, OpenID Connect, and SCIM.
Develop and maintain documentation, runbooks, and knowledge articles for identity services.
Participate in incident response and troubleshooting related to identity and access issues.
Collaborate with engineering, security, and business teams to integrate identity solutions into enterprise platforms and applications.
Partner with the Security Architecture team to ensure platform goals and security solutions align with business strategy and objectives.
Monitor threat intelligence feeds and reports, and develop remediation strategies based on findings.
Design and implement security controls that meet compliance requirements, including SOX, PCI, and internal controls.
Provide mentorship and technical guidance to junior engineers and cross-functional partners.
We'd love to hear from people with...
Basic Qualifications
5+ years of experience in information technology, with a strong emphasis on cybersecurity
5+ years of hands-on experience in Identity and Access Management (IAM), including workforce and B2B identity lifecycle management, and authentication processes
Demonstrated experience deploying and managing cloud identity platforms like Microsoft Entra ID in complex-hybrid environments
Solid understanding of identity standards and technologies such as SAML, OAuth, OpenID Connect, SCIM, and MFA
Solid understanding of IAM principles, including user lifecycle management, provisioning with SCIM, and compliance frameworks
Expertise in developing and executing enterprise-wide identity strategies and governance frameworks. Experience with IAM automation, including workflows, API integrations, and Scripting (eg PowerShe
About the Company
At Starbucks, we like to say that we are not in the coffee business serving people, but in the people business serving coffee. Here, our employees - who we call partners - are the heart of the Starbucks experience, and being a partner means aspiring to become part of something bigger: inspiring positive change in the world and growing in your career and in your community. It's an opportunity to be your personal best. Starbucks is an equal opportunity employer of all qualified individuals, including minorities, veterans and i...
Know more