Featured Job

Sign In
 [New User? Sign Up]
Mobile Version

Lead data risk analyst - Starbucks

Starbucks


Location:
Seattle, Washington
Date:
05/25/2017
2017-05-252017-07-24
Categories:
  • Data Analytics
  • Data Scientist
  • Business Intelligence
  • Statistician
Starbucks
  •  
  • Save Ad
  • Email Friend
  • Print
  • Research Salary

Job Details

Job Summary And Mission

This position contributes to Starbucks success by leading the design of data science driven risk assessment, analysis and reporting models against various technology components and initiatives. As a data risk analyst lead, you'll drive the design and execution of the IT Risk Program, focused on clearly defined risk management principles, sound data science practices, and goals collaboratively developed with the Governance, Risk & Compliance manager. You will use your experience with Risk Management methodologies and technology systems analysis, to deliver the mission, vision, and values of the Office of the CTO organization in its role of protecting the Starbucks brand from technology-related threats. This role works cross-functionally with various business partners throughout the organization and Starbucks enterprise, collaborating with and leading other data risk analysts on the team to drive technology and information risk management principles adopted by the Starbucks Technology organization.

Models and acts in accordance with Starbucks guiding principles.

 

Summary Of Key Responsibilities

Responsible and essential job functions include but are not limited to the following:

  • Designs and leads technology risk assessments in support of business requirements.
  • Implements process or control workflows in support of risk treatment recommendations.
  • Designs, reviews and approves procedural documentation (i.e. work instructions).
  • Assists in development and continuous reporting of goal-based metrics.
  • Leads coordination, consultation, and assessment efforts to track and remediate identified and analyzed risks; directs response to related technology incidents, internal or external audits, and / or control assessments.
  • Develops and configures risk forecasting models, defining baselines and reports used for trend analysis.
  • Identifies, reports, and assists in resolving technology risks and control gaps.
  • Leads feedback loops with adjacent Architecture and Engineering teams to protect data from compromise.
  • Recommends, reviews and approves policies and procedures for identifying, reporting, and resolving technology risks.
  • Contributes to the strategic direction of the team, working in conjunction with the Governance, Risk & Compliance manager to develop new capabilities, process efficiencies and desired state goals.
  • Identifies and escalates issues and risks to leadership in a pragmatic, actionable manner.

Requirements

Summary Of Experience

  • Information Risk Management, IT Risk Management, Operational Risk Management or related area (5-7 years)
  • Certifications such as CISSP, CISM or others focused on information risk management, desired (5-7 years)


Required Knowledge, Skills and Abilities

  • Ability to apply knowledge of multidisciplinary business principles and practices and practices to achieve successful outcomes in cross-functional projects and activities
  • Ability to learn and understand new areas of the business, technologies and associated processes.
  • Ability to use a consultative approach to developing and presenting solutions; ability to prioritizate the workload to align to strategic and tactical goals for self and other data risk analysts.
  • Strong skills in Microsoft Word, Excel, PowerPoint and Sharepoint.
  • Ability to work within large collaborative organizations, building consensus and fostering ongoing relationships.
  • Knowledge of and ability to apply process improvement principles.
  • Ability to work in a dynamic work environment, handle ambiguity and maintain productivity.
  • Strong communication skills, effectively demonstrating through written and verbal forms, while amplifying engagement through listening.
  • Strong knowledge of commonly-used risk principles, practices and concepts such as vulnerability management, threat assessment & modeling (e.g. STRIDE), and control effectiveness measurement.
  • Ability to lead collaboration with counterpart teams both internal and external to Information Protection Services.
  • Ability to use risk assessment methodologies such as FAIR, OCTAVE-Allegro, NIST 800-30, ISO 31000, or related, preferred.
  • Knowledge of developing process improvement models, preferred.
  • Knowledge of Bayesian statistical analysis and / or Monte Carlo simulation, preferred.
  • Knowledge of formal risk management platforms such as Archer, Paisley, LockPath or similarly developed forms based data repository, preferred.
  • Knowledge of assessing, developing or executing to a management framework such as ISO 27001, preferred.
  • Ability to use calibrated estimation, probabilistic forecasting, or similar measurement models, preferred.
  • Knowledge of data science / analysis or visualization tools such as PowerPivot, R, or Tableau, desired.

Starbucks is an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances.