Cloud Security Engineer I
McDonald’s evolving Accelerating the Arches growth strategy puts our customers and people first, and leverages our competitive advantages to strengthen our brand. We are recognized on lists like Fortune’s Most Admired Companies and Fast Company’s Most Innovative Companies.
Doubling Down on the 4Ds (Delivery, Digital, Drive Thru, and Development)
Our growth pillars emphasize the important role technology plays as the leading, global omni-channel restaurant brand. Technology enables the organization through digital technology, and improving the customer, crew and employee experience each and every day.
Global Technology forging the way
Leading the digitization of our business is the Technology organization made up of intrapreneurs who build industry defining tech using the latest innovations and platforms, like AI and edge computing to deliver on the next set of cutting-edge opportunities for the business. At McDonald’s you get to solve technology innovation challenges at an incredible scale, and work across global teams who are always hungry for a challenge. This provides access to exciting career paths for technologists. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.
Check out the Global Technology Technical Blog to learn how technology is directly enabling the Accelerating the Arches strategy.Job Description:
This opportunity is part of the Global Technology Infrastructure & Operations team (GTIO), where our mission is to deliver modern and relevant technology that supports the way McDonald’s works. We provide best-in-class foundational technology products and services including Global Networking, Cloud, End User Computing, and IT Service Management. It’s our goal to always provide an engaging, relevant, and simple experience for our customers.
The Cloud Security Engineer I role is part of the Cloud Ecosystem team in Global Technology Infrastructure & Operations. The role reports to the Director of Cloud Security and is responsible for delivering the enterprise security engineering outcomes, delivering enhancements and automating security controls, supporting DevOps and Engineers consuming cloud resources to ensure it is done in an important and secure manner, and engaging with cybersecurity and risk management teams to improve the security posture of the cloud environments.
This is an exciting opportunity for an experienced technology leader to help shape the transformation of infrastructure and operations products and services to the entire McDonalds environment.
Responsibilities & Accountabilities:
- Will chip in to one or more cloud security capabilities such as identity & access, data protection, security controls and compliance, vulnerability management, threat detection and response, and logging/monitoring.
- Plan, implement, automate, manage, and monitor cloud security controls
- Perform assessments of resource architecture and configurations against security baseline
- Provide technical assistance and guidance to product and development teams in complying with security controls and industry best practices.
- Perform penetration testing activities, red/blue teaming, and gap analysis with audit and cybersecurity partners.
- Monitor and manage cloud security events and support incident response processes as needed.
- Design and deploy tooling, dashboards, scripts, and automation to enhance cloud security posture, detection, and response.
- Design and deploy tooling, dashboards, scripts, and automation to make adoption of secure configurations desirable for product, application, and development teams.
- Build prototypes and perform proof of concepts to demonstrate value
- Remain up-to-date on emerging technologies and architecture and propose ways to use them in current and upcoming projects. Training opportunities will be company sponsored.
- Act as a subject matter expert for technical questions related to cloud security (one/two of the security domains)
- Lead and facilitate the creation of compliance automation and policy-as-code to streamline cloud governance in partnership with the Technical Product Analyst(s) and Manager(s).
- Strive to provide internal and external customers with excellent customer service and world-class service and focus on improvement and benefits to the cloud consumer’s outcomes.
- Willingness and ability to live the McDonald’s values every day: Serve, Inclusion, Integrity, Community, and Family.
- Ability to effectively communicate and work with team members and customers
- Must be attentive to details, organized, self-motivated, and driven.
- A track record of self-taught skill sets and applying those skills effectively.
- Excellent written and oral communication skills with ability to communicate effectively with technical and non-technical staff.
- Demonstrated strong analytic and problem-solving abilities.
- Entry-Intermediate technical knowledge in 3 or more of the following domains:
- Cryotography, encryption, and key management
- Data protection and security
- Governance and risk management
- Identity, access and permissions
- Infrastructure security
- Logging and monitoring
- Security event and incident response
- Threat and vulnerability management
- Application and interface security
- DevOps pipeline governance and security
- Willingness to take and achieve company sponsored trainings and certifications (AWS Architect or SysOps Associate, Azure Security Associate, GCP Cloud Engineer Associate, and/or Cloud Security Alliance CCSK)
- Scripting and automation via CLI/PowerShell, Bash, JSON templates etc.
- Knowledge of Cloud Platforms (AWS, Azure, GCP, and/or OCI).
- Experience in configuring Windows and Linux servers.
- Bachelor’s degree in Computer Science, Cybersecurity, or
- Bachelor’s degree in non-related field plus one of the following:
- 2+ years experience in cloud
- 2+ years in IT system administration
- 2+ years experience in cybersecurity
McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact firstname.lastname@example.org
McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Nothing in this job posting or description should be construed as an offer or guarantee of employment.