Enable America Jobs

Company Description:

McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first and demonstrates our competitive advantages to strengthen our brand. We are recognized on lists like Fortune’s Most Admired Companies and Fast Company’s Most Innovative Companies.

Doubling Down on the 4Ds (Delivery, Digital, Drive Thru, and Development)

Our growth pillars emphasize the critical role technology plays as the best-in-class, global omni-channel restaurant brand. Technology enables the organization through digital technologies, and improving the customer, crew and employee experience each and every day!

Global Technology forging the way

Leading the digitization of our business is the Technology organization made up of innovation specialists who build industry defining tech using the latest innovations and platforms, like AI and edge computing to deliver on the next set of groundbreaking opportunities for the business. We take on technology innovation challenges at an incredible scale, and work across global teams who are always hungry for a challenge! This provides access to compelling career paths for technologists. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.

Job Description:

McDonald's is seeking a Business Technical Cyber Analyst - Vulnerability management. In this role, you will develop new Cybersecurity services and enhancing existing services to meet the increasing needs for protecting our users, devices, networks, applications, and data through vulnerability management. In addition, you will work closely with all areas of the business and technology teams to ensure that our services are meeting the needs of markets, application teams, corporate departments, and other partners.

Roles and Responsibilities:

• Implement, operate and enhance a Vulnerability Management program to reduce exposure and improve overall security posture for cloud, on-prem and hybrid environments.

• Partner with other security practitioners, and technology leaders to share standard methodologies and insights.

• Drive continuous improvement of the global Vulnerability Management program including its infrastructure.

• Develop and maintain vulnerability and remediation metrics to assist with resourcing and improving security posture.

• Work with intelligence partners to research, integrate, monitor and measure relative and threats.

• Manage timely responses to customer requests with attention to detail.

• Implement and manage internal, external and cloud network and agent -based vulnerability scanning.

• Assist in deploying vulnerability management infrastructure that includes scanners, sensors, and agent configurations.

• Work with customers to perform gap assessments and vulnerability prioritization.

• Establish credibility as a trusted domain expert to our customers.

• Implements cybersecurity policies and procedures in accordance with industry best practices and regulatory requirements.

• Supervise and analyze the environment for potential threats, identify vulnerabilities, and implement cybersecurity measures to protect against unauthorized access.

• Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessments.

• Identifies opportunities and recommends process or technology enhancements.

• Identify operational gaps, measure current state performance, and implement improvement solutions.

• Assists cybersecurity engineers to plan and perform cybersecurity risk and vulnerability reviews, including penetration tests and security design reviews, to identify vulnerabilities in the organization’s systems.

• Collaborates with IT and business teams to develop and maintain a robust cybersecurity infrastructure.

• Keep abreast of the latest cybersecurity trends and threat intelligence to ensure the organization's security measures are up to date.

• Leverage analytics to help standardize ways to measure organizational efficiency/effectiveness.

Qualifications:

Basic Qualifications

• A bachelor’s degree or equivalent experience in Cybersecurity, Information Technology, Computer Science, or a related field.

• A minimum of 2-4 years of experience in a cybersecurity or a related technology role.

• Willingness and ability to live the McDonald’s values every day: Serve, Inclusion, Integrity, Community, and Family.

• Capability working with customers, presentations, and participating in requirements sessions.

• Understanding of the complete software implementation lifecycle - including data requirements gathering, dataset migration, data reconciliation, and move to production.

• Ability to collaborate with cross-organizational partners, both corporate and in the market, to define requirements and resolve issues.

• Highly collaborative along with independent critical thinking and creative problem-solving skills.

• Highly organized and diligent, with the ability to keep many engagements active at once.

• Comfortable with ambiguity and ability to navigate uncertainty.

• Understanding of sophisticated multinational companies and distributed business models.

• Good interpersonal skills with the ability to communicate sophisticated technical concepts to non-technical partners.

• Proficient in technical writing and creating policies, standards, procedures, and guidelines.

• Ability to interpret and understand business needs and effectively communicate them to peer teams.

• Demonstrable ability to identify project objectives and define optimal project approaches to align security controls with program success.

• Story-telling; the use of metrics and analytics to enable senior-leadership to make timely operational decisions with the proper security comprehension.

• Intermediate knowledge and experience of cybersecurity concepts, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering.

• Solid understanding of current cybersecurity threats, techniques, and landscape, as well as a dedicated and driven desire to research current cybersecurity landscape.

• Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management methodologies.

• Familiarity with key compliance and IT frameworks such as NIST, OWASP SAMM, PCI, GDPR, CCPA, HIPAA.

• Excellent problem-solving and analytical skills, with the ability to analyze sophisticated data to make informed decisions.

• Ability to manage partner expectations and resolve conflict.

• Ability to validate data obtained via other techniques and expose new areas for elicitation.

Preferred Skills:

• A master’s degree or MBA with a concentration in information systems or cybersecurity is not required but encouraged.

• Experience with various cybersecurity and infrastructure tools and technologies.

• Background/abilities in vulnerability management products and methodologies.

• Prior experience working with cloud platforms like AWS, Azure, or Google Cloud is highly desirable

Additional Information:

McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact recruiting.supportteam@us.mcd.com

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.

Requsition ID: REF7390I_743999997853431