Job Description

T he primary purpose of this role is to lead the threat modeling service at McDonald’s. This includes managing the Irius Risk SaaS platform, collaborating with the Cyber Security Architecture and Engineering team to align it with McDonald’s risk posture, and assisting others in creating effective threat models.

Responsibilities & Accountabilities

• Manage the Irius Risk platform, including access control, solving, and customization to align with McDonald’s security policies and standards.
• Provide coaching and training on the practices for using Irius Risk.
• Apply an interdisciplinary, collaborative approach to design, implement, and promote threat modeling across McDonald’s.
• Establish processes for managing Irius Risk, including configuring default settings and ensuring alignment with McDonald’s infrastructure.
• Work with application teams to develop effective threat models.
• Train and socialize Irius Risk usage with other teams.
• Ensure threat modeling follows GCS guidelines for service maturity.

Benefits eligible: Yes

Bonus eligible: Yes

Long term incentive eligible: Yes

The expected salary range for this role is $129,800 - $165,490

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.

Qualifications

Basic Qualifications

• Bachelor’s degree in computer science, information technology, or a related field, or equivalent experience.
• 4+ years of experience in a technical role within the cybersecurity field.
• Strong problem-solving and analytical skills to address complex cybersecurity issues.
• Excellent communication to articulate the importance of security to business and IT partners.
• Proficiency in implementing effective mitigation strategies to prevent security breaches.
• High level of integrity and professionalism to maintain partner trust.
• Experience with threat modeling, ideally using a tool like Irius Risk.

Preferred Qualifications

• Intermediate level IT or security certification

Additional Information

Benefits eligible: This position offers health and welfare benefits, a 401(k) plan, adoption assistance program, educational assistance program, flexible ways of working, and time off policies (including sick leave, parental leave, and vacation/PTO). Eligibility requirements apply to some benefits and may depend on job classification and length of employment.

Bonus eligible: This position is eligible for a bonus, calculated based on individual and company performance.

Long term Incentive eligible: This position is eligible for stock or other equity grants pursuant to McDonald’s long-term incentive plan.

McDonald’s is an equal opportunity employer committed to the diversity of our workforce. We promote an inclusive work environment that creates feel-good moments for everyone. McDonald’s provides reasonable accommodations to qualified individuals with disabilities as part of the application or hiring process or to perform the essential functions of their job. If you need assistance accessing or reading this job posting or otherwise feel you need an accommodation during the application or hiring process, please contact mcdhrbenefits@us.mcd.com. Reasonable accommodations will be determined on a case-by-case basis.

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.