The Analyst role will be part of the Offensive Security team within Global Cyber Security and will report to the Director of Offensive Security.
We are looking for an emerging professional who has experience with web and network penetration testing.
The ideal candidate will have:
1. Developed skills in ethical hacking techniques and will be familiar with examining network, endpoint, cloud, and application security attack surfaces and vulnerabilities
2. Excellent communication skills, a passion for learning, leadership traits, resilience, and self-awareness
3. Analysts are expected to have an advanced understanding of the various stages of a cyber-attack, such as reconnaissance, privilege escalation, persistence, and defense evasion
4. Perfect role for those embarking on their career in offensive security, offering a unique opportunity to grow and make a significant impact on one of the world’s most recognizable brands.
Responsibilities:
5. Assist in the identification of vulnerabilities and exposures within enterprise networks, systems, and applications through guided offensive security engagements.
6. Contribute to preparing technical documents, reports, and summaries from analyses to provide situational awareness to stakeholders.
7. Support the exploitation of embedded systems, web and mobile apps, cloud platforms, and office and restaurant networks.
8. Regularly update management and stakeholders on the progress of projects, ensuring timely and effective communication.
Experienced required:
9. Exposure to penetration testing tools and techniques (e.g., nmap, Burp Suite, Impacket Suite, Bloodhound, situational awareness, etc.).
10. Excellent written and verbal communication/presentation skills to describe assessment details and technical analysis.
11. Proficiency in managing multiple concurrent workstreams and competing priorities.
12. Work within a global/multinational enterprise with flexible schedule accommodations for meetings, engagements, and operations.
13. Experience with technical writing and demonstrating various creative communication mechanisms to diverse audiences.
14. Understand the purpose and utilization of frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
Qualifications:
15. Bachelor's degree or equivalent technical experience in offensive/defensive cybersecurity roles.
16. Professional credentials such as OSCP, OSCE, OSEP, OSWE, GWAPT, GPEN, GXPN, GRTP, CRTO, PNPT, or comparable credentials.
17. Knowledge of networking and web protocols (e.g., TCP/UDP, SSL/TLS, Wi-Fi protocols, routing, HTTP/S, REST/SOAP APIs, etc.).
18. Knowledge of Windows/Active Directory/Linux systems administration and attack surface.
19. Proficiency with programming and scripting. (Python, PowerShell, Go, C, C++, C#, JavaScript, etc.).
20. Ability to manage multiple concurrent workstreams and competing priorities.
21. Exposure to global/multinational enterprises with flexible schedule accommodations for meetings, engagements, and operations.
22. Competency in working with and leveraging commercial/open-source offensive security tooling, such as C2, Breach and Attack Simulations (BAS), External Attack Surface Management (EASM), and other related services.
23. Exposure to managing/using enterprise defensive security services such as EDR, SIEM, Email Gateway, and SOAR.
Additional Information:
At McDonald’s we are People from all Walks of Life...
People are at the heart of everything we do, and they make the McDonald’s experience. We embrace diversity and are committed to creating an inclusive culture that means people can be their best authentic self in our restaurants and offices, which helps us to better serve our customers. We have a strong heritage of diversity and representation within our communities, which we are proud of. The diversity of our people, customers, Franchisees and suppliers gives us strength.
We do not tolerate inequality, injustice or discrimination of any kind. These are hugely important issues and a brand with our reach and relevance means we have a very meaningful role to play.
We also recognise our responsibility as a large employer to continue being active in our communities, helping to develop skills and drive aspirations that will help people to be more aware of the world of work and more successful within it, whether with McDonald’s or elsewhere."