Director, Threat Operations & Penetration Testing

McDonald's Corp

Chicago, IL

JOB DETAILS
SALARY
$195,371–$244,214 Per Year
SKILLS
Amazon Web Services (AWS), Applications Security, Automation, Budget Management, Budgeting, CISM - Certified Information Security Manager, Campaigns, Capacity Management, Cloud Applications, Cloud Architecture, Communication Skills, Computer Security, Continuous Improvement, Cross-Functional, Cyber Threat Hunting, Establish Priorities, Fast Food, GCIH - GIAC Certified Incident Handler, GCP (Good Clinical Practices), GSOC - GIAC Securing Oracle Certification, Health Insurance, Hunting, Incident Response, Internet Security, Leadership, Legal, Life Insurance, Machine Tool, Mentoring, Metasploit, Metrics, Microsoft Windows Azure, Network Administration/Management, Operations Processes, Operations Security (OPSEC), Penetration Testing, People Management, Performance Metrics, Physical Security, Prescription Drugs, Process Improvement, Process Management, Project/Program Coordination, Psychiatry and Mental Health, Resource Management, Restaurant, Risk, Risk Analysis, Risk Management, Security Architecture, Security Attacks, Security Information and Event Management (SIEM), Set Goals, Simulation, Social Engineering, Software as a Service (SaaS), Strategic Planning, Sustainability, Team Building, Team Lead/Manager, Technical Leadership, Technical Writing, Test Plan/Schedule, Test Program, Testing, Time Management, Urban Planning, Waitressing, Workforce Planning, Writing Skills
LOCATION
Chicago, IL
POSTED
30+ days ago

Job Description:

Company Description:

McDonald's is proud to be one of the most recognized brands in the world, with restaurants in over 100 countries that serve 70 million customers daily. We continue to operate from a position of strength. Our updated growth strategy is focused on staying ahead of what our customers want and realizing further growth potential. Our relentless ambition is why McDonald's remains one of the world's leading corporations after almost 70 years. Joining McDonald's means thinking big and preparing for a career that can have influence around the world.

At McDonald's, we see every day as a chance to create positive impact. We lead through our values centered on inclusivity, service, integrity, community and family. From support of Ronald McDonald House to our Youth Opportunity project and sustainability initiatives, our values keep us dedicated to using our scale for good: good for our customers, people, industry and planet. We also offer a broad range of outstanding benefits including a sabbatical program, tuition assistance and flexible work arrangements.

Department Overview

The Director, Threat Operations & Offensive Security is responsible for defining, leading, and scaling a global cybersecurity program spanning two critical pillars:

  • Threat Operations: Insider Risk, Threat Hunting, and Cyber Threat Exposure Management (CTEM)

  • Offensive Security: Red Teaming, Penetration Testing, and Adversary Simulation

This role leads a geographically distributed team across the United States and United Kingdom, sets strategic direction, and ensures all activities translate into measurable risk reduction and enhanced detection/response capabilities for the enterprise. You will partner closely with Incident Response, Detection Engineering, Security Operations (GSOC), Engineering, and Technology Risk stakeholders to drive cross-functional outcomes.

This role balances strategic program leadership, deep technical expertise, and executive communication, reporting to the Sr. Director, Cyber Defense within Global Cyber Security (GCS).

Duties

Strategy & Program Leadership

  • Define and execute the global strategy and multi-year roadmap for Threat Operations and Offensive Security programs
  • Establish measurable goals, KPIs, and OKRs aligned to enterprise cyber risk reduction
  • Drive integration between CTEM, threat hunting, insider risk, detection engineering, and offensive testing to create a unified threat-informed defense model
  • Provide executive-level reporting on program outcomes, risk posture, and operational metrics to GCS and Global Technology leadership

Threat Operations

  • Insider Risk: Lead the insider threat program to detect, investigate, and mitigate internal threats through behavioral analytics, policy enforcement, and cross-functional partnerships (HR, Legal, Compliance)
  • Threat Hunting: Mature proactive threat hunting capabilities to identify advanced persistent threats, anomalous activity, and gaps in detection coverage across the global enterprise
  • Cyber Threat Exposure Management (CTEM): Own the CTEM lifecycle including attack surface visibility, exposure prioritization, vulnerability validation, and remediation tracking in partnership with GRC/TPRM and engineering teams
  • Develop playbooks, automation, and operational processes to scale threat operations capabilities

Offensive Security

  • Lead penetration testing programs across application, cloud, network, infrastructure, mobile, and SaaS environments
  • Plan and execute Red Team and Purple Team operations, breach & attack simulations (BAS), and adversary emulation exercises informed by real-world threat intelligence
  • Oversee the Vulnerability Disclosure Program (VDP) and External Attack Surface Management (EASM) validation activities
  • Translate offensive findings into prioritized, risk-ranked remediation actions and validate effectiveness of security controls and detection capabilities
  • Lead targeted risk assessments and custom exercises (e.g., tabletop simulations, physical security testing, social engineering campaigns)

Leadership & Team Development

  • Lead, mentor, and scale a high-performing global team of managers, senior analysts, and technical leads across the US and UK
  • Foster a culture of innovation, accountability, continuous improvement, and technical excellence
  • Manage capacity planning, headcount budgeting, and resource allocation across multiple towers and regions
  • Drive continuous improvement through automation, process maturity, and threat-informed testing

Qualifications

  • 10+ years of progressive cybersecurity experience across offensive and defensive domains
  • 5+ years of direct leadership experience managing cybersecurity teams, including people managers
  • Deep expertise in penetration testing, red teaming, threat hunting, insider risk, and/or CTEM
  • Expert-level understanding of adversarial tactics, techniques, and procedures (TTPs), the cyber kill chain, and MITRE ATT&CK framework
  • Extensive experience leading teams that emulate threat activities and understanding the stages of a cyber-attack (reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
  • Experience leading global, geographically distributed teams and managing large-scale security programs in complex multinational environments
  • Strong executive communication and stakeholder management skills with the ability to translate technical risk into business impact for senior leadership and CIO-level audiences
  • Proven ability to operate with minimal oversight, make quick and effective decisions, and navigate ambiguity in fast-paced, deadline-driven environments

Desired Skills

  • Professional certifications such as OSCP, GXPN, GCDA, GCPN, GCTI, GCIH, CEH, CISM, or equivalent
  • Expert understanding of cloud security architectures (Azure, AWS, GCP) and modern application security
  • Experience with SIEM/SOAR platforms, detection engineering, and security operations workflows
  • Hands-on experience with offensive security tooling and frameworks (e.g., Cobalt Strike, Burp Suite, BloodHound, Metasploit, custom tooling)
  • Experience managing vulnerability disclosure programs, bug bounty programs, or coordinated disclosure processes
  • Familiarity with insider threat platforms, behavioral analytics, and UEBA solutions
  • Strong understanding of exposure management platforms, EASM, and attack surface monitoring tools
  • Outstanding technical writing skills and the capability to communicate findings and program outcomes to a wide range of technical and non-technical audiences
  • Experience with budgeting, headcount governance, and cross-regional workforce planning

Compensation

Bonus Eligible: YES

Long-Term Incentive: YES

Benefits Eligible: YES

Salary Range

The expected salary range for this role is $195,371.00 - $244,214.00 per year

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.

Additional Information:

Benefits eligible: This position offers health and welfare benefits, including but not limited to comprehensive health insurance, which includes medical, prescription drug, mental health, dental and vision coverage, as well as life insurance.

McDonald's is an equal opportunity employer committed to the diversity of our workforce. We promote an inclusive work environment that creates feel-good moments for everyone. McDonald's provides reasonable accommodations to qualified individuals with disabilities as part of the application or hiring process or to perform the essential functions of their job. If you need assistance accessing or reading this job posting or otherwise feel you need an accommodation during the application or hiring process, please contact mcdhrbenefits@us.mcd.com. Reasonable accommodations will be determined on a case-by-case basis.

McDonald's provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.

About the Company

McDonald's Corp

This job posting is for a position in a Restaurant owned by an independent franchisee. We are responsible for all employment related matters in the Restaurant including, among other things, setting any requirements for the job and all decisions concerning hiring, firing, discipline, supervision, staffing and scheduling. If you are hired for the job posting, the independent franchisee and not McDonald's Corporation will be your employer.

COMPANY SIZE
50 to 99 employees
INDUSTRY
Restaurant/Food Services