McDonald's - Chicago, IL

posted about 2 months ago

Full-time
Chicago, IL
Food Services and Drinking Places

About the position

McDonald's is seeking a Business Technical Cyber Analyst specializing in Vulnerability Management. In this role, you will be responsible for developing new cybersecurity services and enhancing existing ones to meet the growing demands for protecting our users, devices, networks, applications, and data through effective vulnerability management. You will collaborate closely with various business and technology teams to ensure that our services align with the needs of markets, application teams, corporate departments, and other partners. Your primary focus will be to implement, operate, and enhance a Vulnerability Management program aimed at reducing exposure and improving the overall security posture across cloud, on-premises, and hybrid environments. You will partner with other security practitioners and technology leaders to share best practices and insights, driving continuous improvement of the global Vulnerability Management program and its infrastructure. Additionally, you will develop and maintain vulnerability and remediation metrics to assist with resource allocation and enhance security posture. As part of your responsibilities, you will work with intelligence partners to research, integrate, monitor, and measure relevant threats. You will manage timely responses to customer requests with meticulous attention to detail and implement and manage internal, external, and cloud network vulnerability scanning. Your role will also involve conducting gap assessments and vulnerability prioritization in collaboration with customers, establishing credibility as a trusted domain expert. You will implement cybersecurity policies and procedures in accordance with industry best practices and regulatory requirements, supervise and analyze the environment for potential threats, and identify vulnerabilities to implement necessary cybersecurity measures. Assisting with cybersecurity risk assessments, IT audits, and vulnerability assessments will also be part of your duties. You will identify opportunities for process or technology enhancements, measure current state performance, and implement improvement solutions. Collaborating with IT and business teams, you will help develop and maintain a robust cybersecurity infrastructure while keeping abreast of the latest cybersecurity trends and threat intelligence to ensure the organization's security measures remain current.

Responsibilities

  • Implement, operate and enhance a Vulnerability Management program to reduce exposure and improve overall security posture for cloud, on-prem and hybrid environments.
  • Partner with other security practitioners and technology leaders to share standard methodologies and insights.
  • Drive continuous improvement of the global Vulnerability Management program including its infrastructure.
  • Develop and maintain vulnerability and remediation metrics to assist with resourcing and improving security posture.
  • Work with intelligence partners to research, integrate, monitor and measure relative threats.
  • Manage timely responses to customer requests with attention to detail.
  • Implement and manage internal, external and cloud network and agent-based vulnerability scanning.
  • Assist in deploying vulnerability management infrastructure that includes scanners, sensors, and agent configurations.
  • Work with customers to perform gap assessments and vulnerability prioritization.
  • Establish credibility as a trusted domain expert to our customers.
  • Implement cybersecurity policies and procedures in accordance with industry best practices and regulatory requirements.
  • Supervise and analyze the environment for potential threats, identify vulnerabilities, and implement cybersecurity measures to protect against unauthorized access.
  • Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessments.
  • Identify opportunities and recommend process or technology enhancements.
  • Identify operational gaps, measure current state performance, and implement improvement solutions.
  • Assist cybersecurity engineers to plan and perform cybersecurity risk and vulnerability reviews, including penetration tests and security design reviews, to identify vulnerabilities in the organization's systems.
  • Collaborate with IT and business teams to develop and maintain a robust cybersecurity infrastructure.
  • Keep abreast of the latest cybersecurity trends and threat intelligence to ensure the organization's security measures are up to date.
  • Leverage analytics to help standardize ways to measure organizational efficiency/effectiveness.

Requirements

  • A bachelor's degree or equivalent experience in Cybersecurity, Information Technology, Computer Science, or a related field.
  • A minimum of 2-4 years of experience in a cybersecurity or a related technology role.
  • Willingness and ability to live the McDonald's values every day: Serve, Inclusion, Integrity, Community, and Family.
  • Capability working with customers, presentations, and participating in requirements sessions.
  • Understanding of the complete software implementation lifecycle - including data requirements gathering, dataset migration, data reconciliation, and move to production.
  • Ability to collaborate with cross-organizational partners, both corporate and in the market, to define requirements and resolve issues.
  • Highly collaborative along with independent critical thinking and creative problem-solving skills.
  • Highly organized and diligent, with the ability to keep many engagements active at once.
  • Comfortable with ambiguity and ability to navigate uncertainty.
  • Understanding of sophisticated multinational companies and distributed business models.
  • Good interpersonal skills with the ability to communicate sophisticated technical concepts to non-technical partners.
  • Proficient in technical writing and creating policies, standards, procedures, and guidelines.
  • Ability to interpret and understand business needs and effectively communicate them to peer teams.
  • Demonstrable ability to identify project objectives and define optimal project approaches to align security controls with program success.
  • Story-telling; the use of metrics and analytics to enable senior-leadership to make timely operational decisions with the proper security comprehension.
  • Intermediate knowledge and experience of cybersecurity concepts, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering.
  • Solid understanding of current cybersecurity threats, techniques, and landscape, as well as a dedicated and driven desire to research current cybersecurity landscape.
  • Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management methodologies.
  • Familiarity with key compliance and IT frameworks such as NIST, OWASP SAMM, PCI, GDPR, CCPA, HIPAA.
  • Excellent problem-solving and analytical skills, with the ability to analyze sophisticated data to make informed decisions.
  • Ability to manage partner expectations and resolve conflict.
  • Ability to validate data obtained via other techniques and expose new areas for elicitation.

Nice-to-haves

  • A master's degree or MBA with a concentration in information systems or cybersecurity is not required but encouraged.
  • Experience with various cybersecurity and infrastructure tools and technologies.
  • Background/abilities in vulnerability management products and methodologies.
  • Prior experience working with cloud platforms like AWS, Azure, or Google Cloud is highly desirable.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service