McDonald's - Chicago, IL

posted about 2 months ago

Full-time
Chicago, IL
Food Services and Drinking Places

About the position

McDonald's is seeking a Business Technical Cyber Analyst - Vulnerability Management. In this role, you will develop new Cybersecurity services and enhance existing services to meet the increasing needs for protecting our users, devices, networks, applications, and data through vulnerability management. You will work closely with all areas of the business and technology teams to ensure that our services are meeting the needs of markets, application teams, corporate departments, and other partners. Your primary responsibility will be to implement, operate, and enhance a Vulnerability Management program aimed at reducing exposure and improving the overall security posture for cloud, on-prem, and hybrid environments. You will partner with other security practitioners and technology leaders to share standard methodologies and insights, driving continuous improvement of the global Vulnerability Management program, including its infrastructure. Additionally, you will develop and maintain vulnerability and remediation metrics to assist with resourcing and improving security posture, while also working with intelligence partners to research, integrate, monitor, and measure relative threats. You will manage timely responses to customer requests with attention to detail, implement and manage internal, external, and cloud network and agent-based vulnerability scanning, and assist in deploying vulnerability management infrastructure that includes scanners, sensors, and agent configurations. Your role will also involve performing gap assessments and vulnerability prioritization, establishing credibility as a trusted domain expert to our customers, and implementing cybersecurity policies and procedures in accordance with industry best practices and regulatory requirements. Furthermore, you will supervise and analyze the environment for potential threats, identify vulnerabilities, and implement cybersecurity measures to protect against unauthorized access. In addition, you will assist with cybersecurity risk assessments, IT audits, and/or vulnerability assessments, identify opportunities for process or technology enhancements, and collaborate with IT and business teams to develop and maintain a robust cybersecurity infrastructure. Keeping abreast of the latest cybersecurity trends and threat intelligence will be crucial to ensure the organization's security measures are up to date. You will leverage analytics to help standardize ways to measure organizational efficiency and effectiveness.

Responsibilities

  • Implement, operate and enhance a Vulnerability Management program to reduce exposure and improve overall security posture for cloud, on-prem and hybrid environments.
  • Partner with other security practitioners, and technology leaders to share standard methodologies and insights.
  • Drive continuous improvement of the global Vulnerability Management program including its infrastructure.
  • Develop and maintain vulnerability and remediation metrics to assist with resourcing and improving security posture.
  • Work with intelligence partners to research, integrate, monitor and measure relative and threats.
  • Manage timely responses to customer requests with attention to detail.
  • Implement and manage internal, external and cloud network and agent-based vulnerability scanning.
  • Assist in deploying vulnerability management infrastructure that includes scanners, sensors, and agent configurations.
  • Work with customers to perform gap assessments and vulnerability prioritization.
  • Establish credibility as a trusted domain expert to our customers.
  • Implement cybersecurity policies and procedures in accordance with industry best practices and regulatory requirements.
  • Supervise and analyze the environment for potential threats, identify vulnerabilities, and implement cybersecurity measures to protect against unauthorized access.
  • Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessments.
  • Identify opportunities and recommend process or technology enhancements.
  • Identify operational gaps, measure current state performance, and implement improvement solutions.
  • Assist cybersecurity engineers to plan and perform cybersecurity risk and vulnerability reviews, including penetration tests and security design reviews, to identify vulnerabilities in the organization's systems.
  • Collaborate with IT and business teams to develop and maintain a robust cybersecurity infrastructure.
  • Keep abreast of the latest cybersecurity trends and threat intelligence to ensure the organization's security measures are up to date.
  • Leverage analytics to help standardize ways to measure organizational efficiency/effectiveness.

Requirements

  • A bachelor's degree or equivalent experience in Cybersecurity, Information Technology, Computer Science, or a related field.
  • A minimum of 2-4 years of experience in a cybersecurity or a related technology role.
  • Willingness and ability to live the McDonald's values every day: Serve, Inclusion, Integrity, Community, and Family.
  • Capability working with customers, presentations, and participating in requirements sessions.
  • Understanding of the complete software implementation lifecycle - including data requirements gathering, dataset migration, data reconciliation, and move to production.
  • Ability to collaborate with cross-organizational partners, both corporate and in the market, to define requirements and resolve issues.
  • Highly collaborative along with independent critical thinking and creative problem-solving skills.
  • Highly organized and diligent, with the ability to keep many engagements active at once.
  • Comfortable with ambiguity and ability to navigate uncertainty.
  • Understanding of sophisticated multinational companies and distributed business models.
  • Good interpersonal skills with the ability to communicate sophisticated technical concepts to non-technical partners.
  • Proficient in technical writing and creating policies, standards, procedures, and guidelines.
  • Ability to interpret and understand business needs and effectively communicate them to peer teams.
  • Demonstrable ability to identify project objectives and define optimal project approaches to align security controls with program success.
  • Story-telling; the use of metrics and analytics to enable senior-leadership to make timely operational decisions with the proper security comprehension.
  • Intermediate knowledge and experience of cybersecurity concepts, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering.
  • Solid understanding of current cybersecurity threats, techniques, and landscape, as well as a dedicated and driven desire to research current cybersecurity landscape.
  • Familiarity with cybersecurity frameworks (e.g., NIST, ISO 27001) and risk management methodologies.
  • Familiarity with key compliance and IT frameworks such as NIST, OWASP SAMM, PCI, GDPR, CCPA, HIPAA.
  • Excellent problem-solving and analytical skills, with the ability to analyze sophisticated data to make informed decisions.
  • Ability to manage partner expectations and resolve conflict.
  • Ability to validate data obtained via other techniques and expose new areas for elicitation.

Nice-to-haves

  • A master's degree or MBA with a concentration in information systems or cybersecurity is not required but encouraged.
  • Experience with various cybersecurity and infrastructure tools and technologies.
  • Background/abilities in vulnerability management products and methodologies.
  • Prior experience working with cloud platforms like AWS, Azure, or Google Cloud is highly desirable.
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service