Manager, Sr. Information Security Engineer
McDonald’s, one of the most recognized brands in the world, is seeking an Application Security Engineer to support our security team. You will work in close collaboration with application owners, project managers, business analysts, and developers from IT Solutions teams to ensure GTRM policies and standards are being met for McDonald’s initiatives. You will need to be able to take technical details and summarize them for consumption by executive leadership in the Business and IT functions. We are moving fast and are adding to our best-in-class team. Joining McDonald's means thinking big every single day and preparing for a career that can have impact around the world. We are customer obsessed, committed to being leaders in our industry and believe we are better when we work together. Over the last year, we have launched home delivery, radically improved the digital experiences of our restaurants, introduced mobile pay and have so much more to come. That said, the biggest area of increase in our spending has been in technology, which is helping to drive our growth. We’re looking at how to use technology to improve the customer experience and build new customer experiences. We’re also exploring technologies that can help us reduce or eliminate repetitive tasks and make employees’ jobs more interesting and rewarding. With all the new projects and initiatives, it is an exciting time to be on the team that is helping to make a Better McDonald's!
Required skills: · You have at least two years of product or application development experience. · You have at least two years of direct information security experience, including architectural integration of security technologies and ability to identify potential risks to solution security. · Previous experience and appreciation for a global, 24x7x365 technology environment. Desired skills: · Strong ability to develop strategic direction and long term objectives without supervision. · Confirmed interpersonal skills with the ability to translate complex technical issues or concepts to non-technical audiences in a clear and concise manner that focuses on business value. · Proficient in technical writing and creation of policies, standards, procedures and guidelines. · Strong ability to assess urgency and prioritization and make good decision based upon situational circumstances. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
In this role, you will develop and maintain an application security program that is designed to ensure that any software developed or acquired meets stringent McDonald’s standards while enabling continued innovation to meet customers’ ever-changing needs. Additional responsibilities will include, but are not limited to: · Providing recommendations to Information Security policies and defining governance procedures for secure application development. · You will craft and deploy application security tools and processes to support OWASP Top 10 alignment of critical central Secure Software Development Lifecycle controls. · Collaborating with internal and external development teams (Java, .Net, etc.) to integrate security tools, standards, and processes into the product life cycle. · You will ensure that developers and QA personnel have the appropriate level of security knowledge and support to perform their daily activities. · You will assist application owners and development teams with analysis and interpretation of identified vulnerabilities. · Providing application security expertise to support the incident response and architecture review processes. · You will establish a governance framework to benchmark the state of said program and the performance of development teams against McDonald’s current program.