Director cybersecurity, portfolio management

Starbucks offers a senior leadership role in Global Cybersecurity Services, based onsite in Seattle, Washington. The Director of Cybersecurity Portfolio Management leads strategic and operational portfolio management, functioning as an extension of the CISO to align initiatives with enterprise strategy, risk priorities, and regulatory expectations.

Benefits

• Medical, dental, and vision insurance
• Basic and supplemental life insurance
• Short-term and long-term disability
• Paid parental leave
• Family expansion reimbursement
• Paid vacation
• Sick time
• Eight paid holidays
• Two personal days per year
• 401(k) retirement plan with employer match
• Discounted company stock program (S.I.P.)
• Starbucks equity program (Bean Stock)
• Incentivized emergency savings
• Financial well-being tools
• 100% upfront tuition coverage for a first-time bachelor's degree via Starbucks College Achievement Plan (ASU online)
• Student loan management resources
• Backup care
• DACA reimbursement

Responsibilities

• Build and sustain influential relationships at all levels to advance cybersecurity strategy and enterprise risk outcomes.
• Serve as a trusted advisor and integrator for the CISO across strategy, execution, and communications.
• Partner with senior leadership to identify priority opportunities, align them to enterprise objectives, and drive execution.
• Define and communicate cybersecurity strategy, operating model, and execution priorities to internal and external stakeholders.
• Collaborate with cross-functional leaders to ensure alignment with Starbucks' business strategy, technology priorities, and risk posture.
• Drive execution discipline across the cybersecurity portfolio, ensuring alignment to approved strategies, roadmaps, and commitments.
• Establish governance mechanisms, operating rhythms, escalation paths, and decision forums across Global Cybersecurity Services.
• Maintain visibility into delivery progress, dependencies, risks, and trade-offs, escalating issues as needed.
• Support multi-year planning, prioritization, and sequencing of cybersecurity initiatives across domains and regions.
• Ensure consistent measurement and reporting of outcomes, risks, and performance metrics.
• Translate cybersecurity strategy and risk priorities into coordinated execution across Identity, Data Protection, Threat Detection & Response, Governance Risk & Compliance, Product Security, and regional teams.
• Facilitate governance and compliance to optimize cybersecurity investments and align with enterprise standards.
• Identify gaps, overlaps, and execution risks across initiatives and drive resolution.
• Lead the synthesis of materials for executive leadership, Audit & Compliance Committee, and Board-level discussions.
• Support engagement with Legal, Privacy, Finance, and external auditors as required.
• Challenge and inspire partners across Global Cybersecurity Services to achieve enterprise outcomes.
• Provide coaching, feedback, and leadership support to the team, senior leaders, and key contributors.
• Ensure the team grows in skills, impact, performance management, and career development.
• Support leadership capability development, succession planning, and organizational effectiveness.
• Promote a culture of accountability, collaboration, and continuous improvement.

Requirements

• Thorough familiarity with project management tools, techniques, methodologies, and best practices.
• Ability to learn and apply multidisciplinary business principles to drive successful outcomes in cross-functional projects.
• Strong capability to tell stories and simplify complex work using analysis and data-backed evidence.
• Proven history of developing, leading, and mentoring teams through service delivery and change.
• Ability to establish cross-functional, collaborative relationships with business and technology partners.
• Strong critical thinking skills with a track record of delivering results.
• Exceptional communication and presentation skills, both oral and written.
• Bachelor’s degree in Information Security, Computer Science, or a related field and/or 10+ years of cybersecurity experience, with focus areas such as security operations, incident response, or risk management.
• Experience in cybersecurity, technology, risk, or enterprise operations.
• Experience operating at an executive interface and influencing outcomes without direct authority.
• Strong familiarity with cybersecurity frameworks and enterprise risk management practices (eg, NIST CSF, ISO 27001).
• Demonstrated executive communication skills, including preparation of Board-level materials.