Job Description
Company Description:
McDonald's new growth strategy, Securing the Arches, encompasses all aspects of our business as the leading global omnichannel restaurant brand. As the consumer landscape shifts, we use our competitive advantages to strengthen our brand further. One of our core growth strategies is to Double Down on the 3Ds (Delivery, Digital, and Drive Thru). McDonald's will accelerate technology innovation so 65M+ customers a day will experience a fast, easy experience, whether at one of our 25,000 and growing Drive-Thrus, through McDelivery, dine-in, or takeaway.
McDonald's Global Technology organization leads this tech revolution, comprised of intrapreneurs who get to build cool tech with scary intelligent people using the latest innovations like AI, IoT, and edge computing. We do this by working alongside diverse, global teams who are always hungry for a challenge. It is a bonus point when you see your family and friends use the tech you build at their favourite McD restaurant.
As we have matured as an engineering organization and seen the demands for technology grow exponentially, we are gearing up to deliver on the next set of opportunities for the business. We are building our internal team to support our growing needs in cybersecurity. We are building various squads of subject matter experts with traditional and specialized skill sets, both from internal departments and with our partners, to help us flex with demand and solve technology innovation challenges at an incredible scale.
Job Description:
The Senior Manager, Cyber Defence will support the cybersecurity response program by providing leadership in delivering timely, actionable, and relevant threat intelligence tailored to enable the improvement of McDonald's security posture. The Senior Manager, Cyber Defence is responsible for providing oversight and support of the collection of threat information, threat analysis, and dissemination of timely, relevant, and actionable cyber threat intelligence. These capabilities will include the timely collection of advanced warnings of impending IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and tactical support of the incident response process. The Senior Manager, Cyber Defence will also directly support defining, delivering, and sustaining the Cybersecurity Response Threat Operations program strategy.
Responsibilities:
- Provide oversight in Threat Operations support of the Security Operations Center (SOC) in effectively detecting, analysing, and containing cyber-attacks. Provide direct operational and tactical support to security operations and incident response processes. Provide Tier III analytical support for escalated security incidents.
- Provide support and oversight of triaging intelligence alerts/events from intelligence partners.
- Author and edit cyber threat intelligence reports supporting the needs of internal and external stakeholders at the tactical, operational, and strategic levels.
- Maintain senior level awareness of geopolitical issues and their influence on the global or relevant regional threat landscape.
- Provide detailed information correlation, analysis, and subject matter expertise of cyber threats as they apply to the Retail and Hospitality Sector.
- Provide leadership in overseeing the threat operations program, including supporting personnel, developing requirements, policy enforcement, emergency planning, security awareness, and other resources.
- Develop policies and plans and/or advocate for changes that support threat operations initiatives or required changes/enhancements.
What type of background do I need?
- Must have a background in providing leadership in the intelligence field and have an expert level understanding of analytical methods, the intelligence cycle, collection management, and information source evaluation techniques
- Expert level understanding of industry-standard threat analysis models such as the MITRE ATT&CK Framework, The Cyber Kill Chain, The Diamond Model, the Pyramid of Pain, DeTT&CT, and the NIST Cybersecurity Framework
- Strong understanding of standard techniques used by malware and threat actors, and the ability to use an industry-standard lexicon for discussing such threats
- Expert level experience with the use of a Threat Intelligence Platform or All-Source Intelligence Analysis tools
- Familiarity with intelligence-sharing communities and strong experience in cross-collaboration with Security Operation and Incident Response teams.
- Deep technical knowledge of the cyber threat landscape, including threat actors, tactics, tools and procedures, and effective countermeasures
- Ability to analyse, summarise, and communicate large volumes of information clearly and concisely to leadership and both technical/non-technical audiences
Required Skills:
- Strong understanding of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defence-in-depth).
- Experience working with Information Sharing Organizations and Analysis Centres
- Experience developing enterprise-level intelligence/information-sharing policies and standards is preferred.
- Expert level understanding of cybersecurity principles and organisational requirements, including threat detection, incident response, and security operations methodologies.
- Expert level understanding of investigating threats, utilizing open-source intelligence (OSINT), intelligence from trusted third parties, and other information sources to uncover threat actors and their tactics, techniques, and procedures (TTPs) while providing context to threats and reaching conclusions from incomplete or missing data.
- Strong understanding of the MITRE ATT&CK framework, NIST Cybersecurity Framework, and other cyber security frameworks.
- Team-player mentality and a willingness to work with and lead a disparate global team.
- Strong familiarity working with Threat Intelligence Platforms such as Analyst1, i2 Analyst Notebook, Anomali Threatstream, etc.
- Strong understanding of intelligence and security solutions such as Proofpoint, Digital Shadows, Cyjax, and QRadar.
- Exceptional communication and presentation skills. Ability to present publicly as a thought leader in security.
- Demonstrated capability to deliver highly polished, timely, actionable, and relevant threat intelligence products at the tactical, operational, and strategic levels (must provide examples or complete a writing prompt).
Qualifications:
- Bachelor's degree or equivalent OTJ experience.
- GIAC Security Essentials, CompTIA Security+, EC-Council C|TIA, or equivalent training.
- Significant experience in a role that required daily interaction with Cyber Security personnel, tools, and processes.
- Experience working in a focused Intelligence role.
- Internal and external threat reconnaissance.
- Experience working with Global Enterprise organizations.
Desired Qualifications
- Master's Degree
- Experience with designing and deploying security solutions.
- Experience with strategic planning, budgeting, and allocation.
- Military or Government All-Source Intelligence or Cyber Intelligence background
- Capability to interpret and comprehend scripts and various programming languages. Highly desired skills in Python, R, or similar scripting languages (must provide examples).
- Experience working with Security Automation and Orchestration (SOAR) solutions.
- Strong understanding of data analytics and data visualization best practices.
- OKR certified, or a foundational understanding of the methodologies behind driving Objectives and Key Results.
- Demonstrated track record of success in delivering in a security environment.
- Strong project leadership and support skills.
- Strong analytical skills and cross-functional knowledge across multiple security disciplines
- Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy.
Additional Information:
At McDonald's we are People from all Walks of Life...
People are at the heart of everything we do, and they make the McDonald's experience. We embrace diversity and are committed to creating an inclusive culture that means people can be their best authentic self in our restaurants and offices, which helps us to better serve our customers. We have a strong heritage of diversity and representation within our communities, which we are proud of. The diversity of our people, customers, Franchisees and suppliers gives us strength.
We do not tolerate inequality, injustice or discrimination of any kind. These are hugely important issues and a brand with our reach and relevance means we have a very meaningful role to play.
We also recognise our responsibility as a large employer to continue being active in our communities, helping to develop skills and drive aspirations that will help people to be more aware of the world of work and more successful within it, whether with McDonald's or elsewhere.
What We Do
McDonald’s is the world’s leading global foodservice retailer with over 38,000 locations in over 100 countries. We feed 68 million people every day and, along with our franchisees, employ 1.9 million people worldwide.
We're a household name across the globe, and we’re in the midst of a tech revolution in our business, doubling down on tech and creating a tech ‘recipe’ that is almost as proprietary as our Big Mac sauce®. Our tech organization is made up of intrapreneurs who get to build really cool tech with scary smart people using the latest innovations like AI, IoT, and edge computing.
Why Work With Us
You'll work on industrial-scale products and platforms, alongside diverse, global teams who are always hungry for a challenge. We invest more than $1 billion in tech every year and have countless projects in AI, ML Image/Voice Recognition, IoT, robotics, edge computing and more. Bonus: see your family and friends use your work across the world.
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
We believe in nurturing relationships while also offering flexibility. Please see each job description for specific details on hybrid or remote work.