Senior Cybersecurity Analyst, Governance

Job Description: • Partner closely with business stakeholders throughout the organization to gather and translate requirements into actionable controls to reduce risk, ensure compliance, and build operational resilience across the enterprise • Support development and implementation of cybersecurity governance tools from policies to control procedures by gathering requirements from senior analysts and leadership, drafting documents and revising based on executive feedback while ensuring all feedback and changes are traceable through the document lifecycle • Assess and recommend changes to governance tools through regular reviews and monitoring to ensure consistency, accessibility and coverage in a rapidly evolving business, technology and regulatory environment • Document and steward records for new and existing security controls which are critical inputs to risk assessments, system security plans and compliance services • Enjoy working on an energetic, fun team with demonstrated ability to work in an increasingly self-directed manner with the ability to balance multiple priorities and meet deadlines to drive the business forward as part of a highly collaborative team • Be accountable for the quality and success of the outcome of your work – You will ensure processes are known, documented, maintained, and properly performed to produce consistent, timely, high-quality deliverables Requirements: • Bachelor’s degree Computer Science or related field and 3-5 years of relevant technology experience in cybersecurity governance, risk and compliance or related cybersecurity domain • Proven working knowledge of systems development lifecycle and IT operations • Configuration knowledge of relevant applications/modules/platforms • Proven knowledge of multidisciplinary principles and practices for achieving successful outcomes in various projects and activities • Extensive experience and expertise on security best practices and industry standards, such as ISO 27001, SOC-2, NIST 800-53, NIST CSF, and PCI • Ability to understand the compliance implications of emerging technologies • An aptitude for understanding and navigating technically complex issues, delivering solutions that meet business objectives • Customer Focus: Delivers legendary service that meets and exceeds all customers' expectations • Program Support: Conducting assessments and designing processes to support ST controls and compliance, supporting control remediation efforts, and driving continuous improvement • Analyze legal and regulatory requirements, manage policies and procedures, and provide governance support, while coordinating program activities • Leadership: Coaching, mentoring, and training other analysts to enhance their skills and knowledge within the team • Strategy: Coordinating gap analysis and aligning with governance frameworks such as ISO 27001, COBIT, and GAPP, while implementing those frameworks as appropriate • Advanced Technical Knowledge: Strong understanding of advanced cybersecurity concepts and tools • Security Strategy: Capability to contribute to the development and execution of the cybersecurity strategy Benefits: • medical, dental, vision, basic and supplemental life insurance • short-term and long-term disability • paid parental leave • family expansion reimbursement • paid vacation from date of hire* • sick time (accrued at 1 hour for every 25 hours worked) • eight paid holidays • two personal days per year • participation in a 401(k) retirement plan with employer match • discounted company stock program (S.I.P.) • Starbucks equity program (Bean Stock) • incentivized emergency savings • financial well-being tools • 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan • student loan management resources • access to other educational opportunities • backup care • DACA reimbursement Apply tot his job