Cloud Security Engineer II
McDonald’s evolving Accelerating the Arches growth strategy puts our customers and people first, and leverages our competitive advantages to strengthen our brand. We are recognized on lists like Fortune’s Most Admired Companies and Fast Company’s Most Innovative Companies.
Doubling Down on the 4Ds (Delivery, Digital, Drive Thru, and Development)
Our growth pillars emphasize the important role technology plays as the leading, global omni-channel restaurant brand. Technology enables the organization through digital technology, and improving the customer, crew and employee experience each and every day.
Global Technology forging the way
Leading the digitization of our business is the Technology organization made up of intrapreneurs who build industry defining tech using the latest innovations and platforms, like AI and edge computing to deliver on the next set of cutting-edge opportunities for the business. At McDonald’s you get to solve technology innovation challenges at an incredible scale, and work across global teams who are always hungry for a challenge. This provides access to exciting career paths for technologists. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.
Check out the Global Technology Technical Blog to learn how technology is directly enabling the Accelerating the Arches strategy.Job Description:
This opportunity is part of the Global Technology Infrastructure & Operations team (GTIO), where our mission is to deliver modern and relevant technology that supports the way McDonald’s works. We provide best-in-class foundational technology products and services including Global Networking, Cloud, End User Computing, and IT Service Management. It’s our goal to always provide an engaging, relevant, and simple experience for our customers.
The Cloud Security Engineer II role is part of the Cloud Ecosystem team in Global Technology Infrastructure & Operations. The role reports to the Director of Cloud Security and is responsible for delivering the enterprise security platform engineering outcomes, delivering enhancements and automating security remediations, supporting DevOps and Engineers consuming cloud resources to ensure it is done in an important and secure manner, and engaging with cybersecurity and risk management teams to improve the security posture of the cloud environments.
This is an exciting opportunity for an experienced technology leader to help shape the transformation of infrastructure and operations products and services to the entire McDonalds environment.
Responsibilities & Accountabilities:
- Automate the provisioning of cloud monitors, automated remediation, security baselines and templates, etc. through the concept of pipeline engineering.
- Implement core cloud security capabilities such as identity & access, data protection, security controls and compliance, vulnerability management, threat detection and response, and logging/monitoring.
- Performing penetration testing, red/blue teaming, and gap analysis with audit and cybersecurity partners.
- Support operations and incident response in cloud events and incidents.
- Design and deploy programs, dashboards, tests, scripts, and automation to enhance cloud security posture, detection, and response.
- Build prototypes and perform proof of concepts to demonstrate security value
- Remain up-to-date on emerging technologies and architecture and propose ways to use them in current and upcoming projects.
- Educate and guide internal and external team members on cloud standards, procedures, and guidelines/best practices.
- Act as a SME for all Cloud technical hands-on questions cloud security related.
- Lead and facilitate the creation of compliance automation and policy-as-code to streamline cloud governance in partnership with the Technical Product Analyst(s) and Manager(s).
- Strive to provide internal and external customers with excellent customer service and world-class service and focus on improvement and benefits to the cloud consumer’s outcomes.
- Willingness and ability to live the McDonald’s values every day: Serve, Inclusion, Integrity, Community, and Family.
- Ability to effectively communicate with other senior leaders of IT on program strategies and plans and negotiate quality solutions.
- Must be attentive to details, organized, self-motivated, and driven.
- Ability to create system and process flow diagrams, data flow diagrams, sequence and UML diagrams, inter and intra system dependencies within the functional domain and across them
- Knowledge and understanding of industry trends and new technologies and ability to apply trends to architectural needs.
- Excellent written and oral communication skills with ability to communicate effectively with technical and non-technical staff.
- Defines and promotes best practices; cultivates a culture of innovation and learning, including willingness to instruct and coach in a cloud training program as needed.
- Demonstrated strong analytic and problem-solving abilities.
- Strong technical knowledge in 6 or more of the following domains:
- Cryotography, encryption, and key management
- Data protection and security
- Governance and risk management
- Identity, access and permissions
- Infrastructure security
- Logging and monitoring
- Security event and incident response
- Threat and vulnerability management
- Application and interface security
- DevOps pipeline governance and security
- Associate-level cloud certifications (AWS, Azure)
- Infrastructure as Code (IaC) experience - scripting and automation via AZ CLI/PowerShell, Bash, Bicep, JSON templates etc.
- Deep experience in building Kubernetes environment.
- Prior experience in security Windows and Linux servers at scale. Enabling DevOps in IaaS/PaaS is a plus.
- CCSK or similar technical security certification.
- 2+ years of cloud experience and a Bachelor’s degree.
- Experience in software development (e.g. C#, .Net, .Net core) or scripting (e.g. Python, Powershell, etc.).
McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact email@example.com
McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Nothing in this job posting or description should be construed as an offer or guarantee of employment.