Discover Technata Job board

Find your next tech job in Kanata North, Canada’s largest technology park. Then explore endless international opportunities and dream about where your career will take you. With the country’s largest density of technology companies ranging from promising startups to leading global giants, Kanata North is the place to be if you are serious about a career in tech.

Cybersecurity Analyst



Chicago, IL, USA
Posted on Tuesday, July 9, 2024

Company Description

McDonald's evolving Accelerating the Arches growth strategy puts our customers and people first and demonstrates our competitive advantages to strengthen our brand. We are recognized on lists like Fortune’s Most Admired Companies and Fast Company’s Most Innovative Companies.

Doubling Down on the 4Ds (Delivery, Digital, Drive Thru, and Development)

Our growth pillars emphasize the critical role technology plays as the best-in-class, global omni-channel restaurant brand. Technology enables the organization through digital technologies, improving the customer, crew and employee experience each and every day!

Global Technology forging the way

Leading the digitization of our business is the Technology organization, made up of innovation specialists who build industry-defining tech using the latest innovations and platforms, like AI and edge computing, to deliver on the next set of groundbreaking opportunities for the business. We take on technology innovation challenges at an incredible scale, and work across global teams who are always hungry for a challenge! This provides access to compelling career paths for technologists. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.

Job Description

The Supervisor of Threat Operations will support the cybersecurity response program by consistently delivering timely, actionable, and relevant threat intelligence to enable the improvement of McDonald’s security posture. The Supervisor of Threat Operations is responsible for collecting, analyzing, and disseminating cyber threat intelligence. These capabilities will include the timely collection of sophisticated warnings of impending IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and tactical support of the incident response process. They will also support the definition, delivery, and sustainment of the cybersecurity response strategy.

Roles and Responsibilities

  • Support the Security Operations Center (SOC) in effectively detecting, analyzing, and containing cyber attacks. Provide direct operational and tactical support to security operations and incident response processes. Provide Tier III analytical support for raised security incidents.
  • Triage intelligence alerts/events from intelligence partners.
  • Author cyber threat intelligence reports supporting the needs of internal and external partners at the tactical, operational, and strategic levels.
  • Maintain awareness of geopolitical issues and their influence on the global or relevant regional threat landscape.
  • Detailed information correlation, analysis, and domain expertise of cyber threats as they apply to the Retail and Hospitality Sector.
  • Daily review and triage of intelligence alerts and reporting.
  • Indicator of Compromise (IOC) / Observable extraction, enrichment, and correlation.
  • In the absence of direct leadership, be responsible for the threat intelligence program, including supporting personnel, developing requirements, policy enforcement, emergency planning, security awareness, and other resources.
  • Aid in developing policies and plans and/or advocating for changes that support threat intelligence initiatives or required changes/enhancements.
  • Maintain an understanding of attacks, vectors, and emerging threats.


Basic Qualifications

  • Bachelor's degree or equivalent experience.
  • GIAC Security Essentials, CompTIA Security+, EC-Council C|TIA, or equivalent training.
  • 1-2 years of experience in a role that required daily interaction with Cyber Security personnel, tools, and processes.
  • 1-2 years’ experience working in a focused Intelligence role.
  • 1-2 years’ experience with internal and external threat reconnaissance.
  • 1-2 years’ experience with threat hunting.
  • Familiar with network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Experience working with Information Sharing Organizations and Analysis Centers. Additionally, experience developing enterprise-level intelligence/information-sharing policies and standards is preferred.
  • Experienced in cybersecurity principles and organizational requirements, including threat detection, incident response, and security operations methodologies.
  • Experience in investigating threats, using open source intelligence (OSINT), intelligence from trusted third parties, and other information sources to uncover threat actors and their tactics, techniques, and procedures (TTPs) while providing context to threats and reaching conclusions from incomplete or missing data.
  • Familiarity with The Cyber Kill Chain, The Diamond Model, the Pyramid of Pain, DeTT&CT, MITRE ATT&CK, NIST Cybersecurity Framework, and other security frameworks.
  • Capability to work effectively and efficiently with minimal oversight in a fast-paced and fluid operating environment.
  • A robust team-player mentality and a willingness to work with a disparate distributed team.
  • Strong familiarity working with Threat Intelligence Platforms such as Analyst1, i2 Analyst's Notebook, Anomali ThreatStream, etc.
  • Solid understanding of Intelligence and Security Solutions such as Proofpoint, Digital Shadows, Cyjax, and QRadar.
  • Exceptional communication and presentation skills.
  • Demonstrated capability to deliver well-written, timely, actionable, and relevant threat intelligence products at the tactical, operational, and strategic levels (must provide examples or complete a writing prompt).

Preferred Qualifications

  • Master’s Degree or equivalent experience
  • Military or U.S. Government All-Source Intelligence or Cyber Intelligence Background
  • Capability to interpret and comprehend scripts and various programming languages. Highly desired skills in Python, R, or similar scripting languages (must provide examples).
  • Fundamental understanding of Security Automation and Orchestration (SOAR).
  • Solid understanding of data analytics and data visualization standard methodologies.
  • Objectives and Key Results (OKR) certified, or foundational understanding of the methodologies behind driving Objectives and Key Results.
  • Effectively prioritize in high-pressure situations
  • Demonstrated track record of success in delivering in a security environment
  • Ability to communicate publicly as an inspiring leader in security
  • Strong analytical skills and multi-functional knowledge across multiple security disciplines
  • Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy
  • Good interpersonal communication, negotiation, and presentation skills

Additional Information

McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact [email protected]

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.