The Senior Manager, Cyber Defence will support the cybersecurity response program by providing leadership in delivering timely, actionable, and relevant threat intelligence tailored to enable the improvement of McDonald’s security posture. The Senior Manager, Cyber Defence is responsible for providing oversight and support of the collection of threat information, threat analysis, and dissemination of timely, relevant, and actionable cyber threat intelligence. These capabilities will include the timely collection of advanced warnings of impending IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and tactical support of the incident response process. The Senior Manager, Cyber Defence will also directly support defining, delivering, and sustaining the Cybersecurity Response Threat Operations program strategy.
Responsibilities:
1. Provide oversight in Threat Operations support of the Security Operations Center (SOC) in effectively detecting, analysing, and containing cyber-attacks. Provide direct operational and tactical support to security operations and incident response processes. Provide Tier III analytical support for escalated security incidents.
2. Provide support and oversight of triaging intelligence alerts/events from intelligence partners.
3. Author and edit cyber threat intelligence reports supporting the needs of internal and external stakeholders at the tactical, operational, and strategic levels.
4. Maintain senior level awareness of geopolitical issues and their influence on the global or relevant regional threat landscape.
5. Provide detailed information correlation, analysis, and subject matter expertise of cyber threats as it applies to the Retail and Hospitality Sector.
6. Provide leadership in overseeing the threat operations program, including supporting personnel, developing requirements, policy enforcement, emergency planning, security awareness, and other resources.
7. Develop policies and plans and/or advocate for changes that support threat operations initiatives or required changes/enhancements.
What type of background do I need?
8. Must have a background in providing leadership in the intelligence field and have an expert level understanding of analytical methods, the intelligence cycle, collection management, and information source evaluation techniques
9. Expert level understanding of industry-standard threat analysis models such as the MITRE ATT&CK Framework, The Cyber Kill Chain, The Diamond Model, the Pyramid of Pain, DeTT&CT, and the NIST Cybersecurity Framework
10. Strong understanding of standard techniques used by malware and threat actors, and the ability to use an industry-standard lexicon for discussing such threats
11. Expert level experience with the use of a Threat Intelligence Platform or All-Source Intelligence Analysis tools
12. Familiarity with intelligence-sharing communities and strong experience in cross-collaboration with Security Operation and Incident Response teams.
13. Deep technical knowledge of the cyber threat landscape, including threat actors, tactics, tools and procedures, and effective countermeasures
14. Ability to analyse, summarise, and communicate large volumes of information clearly and concisely to leadership and both technical/non-technical audiences
Required Skills:
15. Strong understanding of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defence-in-depth).
16. Experience working with Information Sharing Organizations and Analysis Centres
17. Experience developing enterprise-level intelligence/information-sharing policies and standards is preferred.
18. Expert level understanding of cybersecurity principles and organisational requirements, including threat detection, incident response, and security operations methodologies.
19. Expert level understanding of investigating threats, utilizing open-source intelligence (OSINT), intelligence from trusted third parties, and other information sources to uncover threat actors and their tactics, techniques, and procedures (TTPs) while providing context to threats and reaching conclusions from incomplete or missing data.
20. Strong understanding of the MITRE ATT&CK framework, NIST Cybersecurity Framework, and other cyber security frameworks.
21. Team-player mentality and a willingness to work with and lead a disparate global team.
22. Strong familiarity working with Threat Intelligence Platforms such as Analyst1, i2 Analyst Notebook, Anomali Threatstream, etc.
23. Strong understanding of Intelligence and Security Solutions such as Proofpoint, Digital Shadows, Cyjax, and QRadar.
24. Exceptional communication and presentation skills. Ability to present publicly as a thought leader in security
25. Demonstrated capability to deliver highly polished, timely, actionable, and relevant threat intelligence products at the tactical, operational, and strategic levels (must provide examples or complete a writing prompt).
Qualifications:
26. Bachelor's degree or equivalent OTJ experience.
27. GIAC Security Essentials, CompTIA Security+, EC-Council C|TIA, or equivalent training.
28. Significant experience in a role that required daily interaction with Cyber Security personnel, tools, and processes.
29. Experience working in a focused Intelligence role.
30. Internal and external threat reconnaissance.
31. Experience working with Global Enterprise organizations.
Desired Qualifications
32. Master’s Degree
33. Experience with designing and deploying security solutions.
34. Experience with strategic planning, budgeting, and allocation.
35. Military or Government All-Source Intelligence or Cyber Intelligence background
36. Capability to interpret and comprehend scripts and various programming languages. Highly desired skills in Python, R, or similar scripting languages (must provide examples).
37. Experience working with Security Automation and Orchestration (SOAR) solutions.
38. Strong understanding of data analytics and data visualization best practices.
39. OKR certified, or a foundational understanding of the methodologies behind driving Objectives and Key Results.
40. Demonstrated track record of success in delivering in a security environment.
41. Strong project leadership and support skills.
42. Strong analytical skills and cross-functional knowledge across multiple security disciplines
43. Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy.
Additional Information:
At McDonald’s we are People from all Walks of Life...
People are at the heart of everything we do, and they make the McDonald’s experience. We embrace diversity and are committed to creating an inclusive culture that means people can be their best authentic self in our restaurants and offices, which helps us to better serve our customers. We have a strong heritage of diversity and representation within our communities, which we are proud of. The diversity of our people, customers, Franchisees and suppliers gives us strength.
We do not tolerate inequality, injustice or discrimination of any kind. These are hugely important issues and a brand with our reach and relevance means we have a very meaningful role to play.
We also recognise our responsibility as a large employer to continue being active in our communities, helping to develop skills and drive aspirations that will help people to be more aware of the world of work and more successful within it, whether with McDonald’s or elsewhere.