Starbucks

Now Brewing – cybersecurity engineer senior, Identity Lifecycle and Authentication Services! #tobeapartner

From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.

This role contributes to Starbucks’ success by implementing and continuously improving enterprise-wide Identity and Access Management (IAM) solutions that ensure secure, compliant, and efficient access to systems and data.

A successful cybersecurity engineer sr. on the Identity Lifecycle and Authentication Services team at Starbucks is a hands-on technical professional with deep experience in identity lifecycle management, authentication protocols, and access governance. You thrive in a fast-paced, collaborative environment and are passionate about building secure, scalable identity solutions that deliver exceptional user experiences while meeting enterprise-grade security standards.

In this role, you’ll help deliver a resilient, world-class identity platform that supports Starbucks’ global workforce and trusted external partners. Collaborating with cross-functional teams, you’ll implement modern identity capabilities—including cloud-native authentication, automated identity lifecycle management, and real-time adaptive access controls such as Continuous Access Evaluation Protocol (CAEP). Your work will also drive the evolution of Starbucks’ Zero Trust architecture, leveraging technologies like Just-In-Time (JIT) provisioning, SCIM, Identity Governance and Administration (IGA), Client to Authenticator Protocol (CTAP), and FIDO Device Onboarding (FDO). This is a unique opportunity to shape the future of secure digital access at scale, delivering seamless, intelligent, and compliant identity experiences across the enterprise.

As a cybersecurity engineer senior, Identity Lifecycle and Authentication Services, you will...

• Deploy and maintain identity services that support authentication, authorization, and lifecycle management across cloud and on-prem environments.
• Contribute to the design and enforcement of Zero Trust principles across identity workflows.
• Conduct technical evaluations, proof-of-concepts, and vendor assessments for identity-related tools and services.
• Support the integration of technologies such as IGA, adaptive access controls and risk-based authentication mechanisms into Starbucks’ identity ecosystem.
• Configure and implement identity solutions using protocols and standards such as SAML, OAuth, OpenID Connect, and SCIM.
• Develop and maintain documentation, runbooks, and knowledge articles for identity services.
• Participate in incident response and troubleshooting related to identity and access issues.
• Collaborate with engineering, security, and business teams to integrate identity solutions into enterprise platforms and applications.
• Partner with the Security Architecture team to ensure platform goals and security solutions align with business strategy and objectives.
• Monitor threat intelligence feeds and reports, and develop remediation strategies based on findings.
• Design and implement security controls that meet compliance requirements, including SOX, PCI, and internal controls.
• Provide mentorship and technical guidance to junior engineers and cross-functional partners.

We’d love to hear from people with...

Basic Qualifications

• 5+ years of experience in information technology, with a strong emphasis on cybersecurity
• 3+ years of hands-on experience in identity and access management (IAM), including identity lifecycle, authentication protocols, and access governance
• Demonstrated experience contributing to or mentoring high-performing engineering teams
• Solid understanding of identity standards and technologies such as SAML, OAuth, OpenID Connect, SCIM, and MFA
• Proven ability to assess, mitigate, and respond to cybersecurity risks and vulnerabilities
• Strong analytical and problem-solving skills with attention to detail
• Excellent written and verbal communication skills, with the ability to convey complex technical concepts to diverse audiences

Preferred Qualifications

• Certifications such as CISSP, CISM, CIPM, or others focused on cybersecurity, IAM, data privacy or information risk management.

As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement. Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com.

• If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above. For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles director and above.

The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity. At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.

Join us and inspire with every cup. Apply today!

Starbucks Coffee Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or protected veteran status, or any other characteristic protected by law.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.

Starbucks Coffee Company is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at applicantaccommodation@starbucks.com or 1(888) 611-2258.