Sr Manager, Penetration Testing jobs in United States

McDonald's · 2 months ago

Sr Manager, Penetration Testing

McDonald's is one of the world's most recognized brands, operating in over 100 countries. They are seeking a Senior Manager for Penetration Testing to lead security assessments, manage audit teams, and ensure the execution of technology and digital audit plans while maintaining high-quality deliverables.

Restaurants
H1B Sponsor Likely

Responsibilities

Conduct penetration testing (50-75% of the role) to identify and mitigate security vulnerabilities
Assist in executing annual risk assessment activities for technology, digital, and related areas, and developing the technology and digital audit plan
Lead the Security & Privacy portion of our technology and digital audit plan, ensuring that assessment activities are successfully completed on-time and on-budget
Lead technology assessments including penetration testing, red teaming, and technical assessments related to data privacy, cloud infrastructure, data protection, network security, secure coding, mobile and web applications, and Internet of Things (IoT)
Manage and guide the Technology & Digital Audit team in conducting all aspects of our projects including, but not limited to, the development of assessment scope and objectives, development of risk and control matrix, testing approach, handling key communications, audit deliverables, and monitoring issue remediation efforts
Assist with setting and executing the department's Security & Privacy Assessment strategy
Assist in the successful execution of Sarbanes-Oxley (SOX) IT controls testing, including providing support and assistance to our offshore third-party testing partner
Contribute during periodic leadership meetings on the department's strategy, processes, and approaches, demonstrating strong security, privacy, and audit domain knowledge
You will work with IT leadership on topics including technology and digital strategies, privacy and related regulations, customer loyalty program, and cybersecurity. Partner with management to effectively identify risks and improve the control environment
Earn trust with leadership by effectively managing sensitive risk and audit discussions, communications, and deliverables
Demonstrate thought leadership for current and emerging technology topics including cybersecurity, DevOps, privacy compliance, and data governance
Provide meaningful hands-on guidance during assessments of areas including privacy and data protection, data governance, information security, third parties, and digital operations. Whenever necessary, directly execute audit work
Ensure that all team deliverables are of high-quality through high-engagement, detailed oversight, direct involvement, and thought leadership
Lead internal infrastructure projects, increasing the department's capabilities and contributing to the continuous improvement of the audit function
Develop, coach, and mentor a high-performing audit team through hiring, oversight, training, and timely and candid performance feedback

Qualification

Penetration Testing, Red Teaming, Information Technology Audits, Security & Privacy Assessment, Nmap, Wireshark, Programming/Scripting, Data Analytics, CISSP, Leadership Skills, Communication Skills, Team Management

Required

Bachelor's degree in Engineering, Computer Science, Information Technology, or related field
6+ years of related work experience
Experience in delivering and leading penetration testing activities, red teaming, mobile and web application assessments, technical assessments, information technology audits, financial compliance (Sarbanes-Oxley) audits, program and system implementation reviews, and advisory projects
Hands-on experience with enterprise-grade tools such as Nmap, Wireshark, BloodHound and Impacket
Experience with programming, scripting, data analytics, and other technical solution design and development
Experience in managing teams, delivering high-quality audit work products, and communicating effectively with various partners (e.g., external/internal audit, senior management, etc.)
Familiarity with information technology, business processes and financial reporting audits and familiarity with control frameworks such as NIST, COBIT, ITIL, PCI, ISO, SOX, and global data privacy laws (e.g. GDPR, CCPA, CPRA)
Strong knowledge across a breadth of IT processes, including but not limited to: security operations, program management, security administration, system operations, change management, modern development (e.g., DevOps, Agile), data governance, privacy, and incident/problem management
Proven leadership skills and a tendency to lead through influence, lead by example, build relationships, and collaborate
Available to travel (domestic and international) up to 10%

Preferred

Master's degree
Professional credentials preferred (CISSP, OSCP, CRTO, CEH, CIPT, CDPSE, CISA, or comparable)

Benefits

Health and welfare benefits
A 401(k) plan
Adoption assistance program
Educational assistance program
Flexible ways of working
Time off policies (including sick leave, parental leave, and vacation/PTO)
Bonus
Stock or other equity grants pursuant to McDonald’s long-term incentive plan

Company

McDonald's

McDonald’s is the world’s leading global foodservice retailer with over 37,000 locations in over 100 countries.

H1B Sponsorship

McDonald's has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is provided below for reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (61)
2024 (77)
2023 (37)
2022 (31)
2021 (60)
2020 (12)

Funding

Current Stage
Late Stage

Leadership Team

Darryl Webb
Multi Unit Franchise Owner - President / CEO
Douglas Gehrig
CEO
Company data provided by crunchbase