Senior Manager of Threat Operations at McDonald's Global Technology (Chicago, IL or Remote)
McDonald's new growth strategy, Accelerating the Arches, encompasses all aspects of our business as the leading global omni-channel restaurant brand. As the consumer landscape shifts we are using our competitive advantages to further strengthen our brand. One of our core growth strategies is to Double Down on the 3Ds (Delivery, Digital and Drive Thru). McDonald's will accelerate technology innovation so 65M+ customers a day will experience a fast, easy experience, whether at one of our 25,000 and growing Drive Thrus, through McDelivery, dine-in or takeaway.
Leading this tech revolution is McDonald's Global Technology organization made up of intrapreneurs who get to build really cool tech with scary smart people using the latest innovations like AI, IOT, and edge computing. We do this working along diverse, global teams who are always hungry for a challenge. It's bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.
As we have matured as an engineering organization and seen the demands for technology grow exponentially, we're gearing up to deliver on the next set of opportunities for the business. We are building up an engineering team in house accountable for our strategic products. We'll have diverse squads made up of engineers with traditional and specialized skillsets, both from internal engineers coupled with our partners, to help us flex with demand and solve technology innovation challenges done at an incredible scale.
Check out the Global Technology Technical Blog to learn how technology is directly enabling the Accelerating the Arches strategy.
The Senior Manager of Threat Operations will support the cybersecurity response program by providing leadership in delivering threat intelligence tailored to enable the improvement of McDonald's security posture. The Senior Manager of Threat Operations is responsible for providing oversight and support of the collection of threat information, threat analysis, and dissemination of timely, relevant, and useful cyber threat intelligence. These capabilities will include the timely collection of sophisticated warnings of impeding IT vulnerabilities or threats, a detailed correlation, analysis, and storage of threat intelligence information, and tactical support of the incident response process. The Senior Manager of Threat Operations will also directly support defining, delivering, and sustaining the Cybersecurity Response Threat Operations program strategy.
- Provide oversight in Threat Operations support of the Security Operations Center (SOC) in effectively detecting, analyzing, and containing cyber attacks. Provides direct operational and tactical support to security operations and incident response processes. Provide Tier III analytical support for escalated security incidents.
- Provide support and oversight of triaging intelligence alerts/events from intelligence partners.
- Authoring and edit cyber threat intelligence reports supporting the needs of internal and external partners at the tactical, operational, and strategic levels.
- Maintain senior level awareness of geopolitical issues and their influence on the global or relevant regional threat landscape.
- Provide detailed information correlation, analysis, and domain expertise of cyber threats as it applies to the Retail and Hospitality Sector.
- Provide leadership in overseeing the threat operations program, including supporting personnel, developing requirements, policy enforcement, emergency planning, security awareness, and other resources.
- Developing policies and plans and/or advocating for changes that support threat operations initiatives or required changes/enhancements.
- Bachelor's degree or equivalent OTJ experience.
- GIAC Security Essentials, CompTIA Security+, EC-Council C|TIA, or equivalent training.
- Senior experience in an internal and external threat reconnaissance within a Global Enterprise organizations
- Solid grasp of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
- Experience working with Information Sharing Organizations and Analysis Centers. Additionally, candidates with experience developing enterprise-level intelligence/information-sharing policies and standards are preferred.
- Expert level understanding of cybersecurity principles and organizational requirements, including threat detection, incident response, and security operations methodologies.
- Expert level understanding of investigating threats, utilizing open source intelligence (OSINT), intelligence from trusted third parties, and other information sources to uncover threat actors and their tactics, techniques, and procedures (TTPs) while providing context to threats and reaching conclusions from incomplete or missing data.
- Strong understanding of the MITRE ATT&CK framework, NIST Cybersecurity Framework, and other cyber security frameworks.
- Must be able to work effectively and efficiently with no oversight in a fast-paced and fluid operating environment. Must be able to effectively prioritize work in high-pressure situations.
- A robust team-player mentality and a willingness to work with and lead a disparate global team.
- Strong familiarity working with Threat Intelligence Platforms such as Analyst1, i2 Analyst Notebook, Anomali Threatstream, etc.
- Strong Understanding of Intelligence and Security Solutions such as ProofPoint, Digital Shadows, Cyjax, and Q-Radar.
- Demonstrated capability to deliver highly polished, timely, concrete, and relevant threat intelligence products at the tactical, operational, and strategic levels (must provide examples or complete a writing prompt).
- Experience with designing and deploying security solutions.
- Expeirence with strategic planning, budgeting, and allocation.
- Capability to interpret and comprehend scripts and various programming languages. Highly desired skills in Python, R, or similar scripting languages (must provide examples).
- Experience working with Security Automation and Orchestration (SOAR) solutions.
- Solid understanding of data analytics and data visualization best practices.
- OKR Certified or Foundational understanding of methodologies behind driving Objectives and Key Results.
McDonald's is committed to providing qualified individuals with reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact [email protected]
McDonald's provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Nothing in this job posting or description should be construed as an offer or guarantee of employment.