- Company Name: McDonald's
- Job Title: Sr Director, Cyber Defense
- Job Description:
**Job Title**
Senior Director – Cyber Defense
**Role Summary**
Lead the global Cyber Defense organization, delivering a unified, 24/7 detection, response, and threat‑hunting capability across corporate, market, and restaurant environments. Bridge executive strategy with operational execution, scaling the function as a managed security service provider for McDonald’s global markets, affiliates, and franchise owners.
**Expectations**
- Build a mature, multi‑domain cyber defense capability that protects brand integrity and stakeholder confidence.
- Deliver measurable service metrics, operational excellence, and continuous improvement in a federated, highly regulated environment.
- Serve as the primary executive spokesperson during incidents, board dealings, and critical communications.
- Mentor a global team of directors, managers, analysts, and engineers toward a culture of accountability and inclusion.
**Key Responsibilities**
1. **Strategic Leadership** – Define, articulate, and execute the global cyber defense strategy, aligning with enterprise risk, brand protection, and the Accelerating the Arches vision.
2. **Operational Excellence** – Oversee the Global Security Operations Center (GSOC) to ensure 24/7 threat detection, containment, and mitigation across SaaS, cloud, network, and on‑premise environments.
3. **Incident Response & Forensics** – Lead enterprise‑wide IR, forensic analysis, and after‑action reviews, driving rapid remediation and lessons‑learned integration.
4. **Threat Intelligence & Insider Threat** – Manage threat intel programs to prioritize emerging risks; develop and supervise insider threat programs balancing risk and privacy.
5. **Offensive Security & Red Team** – Direct penetration testing and red‑team exercises to validate security posture across all technology stacks that power the business.
6. **Detection & Automation** – Design and tune global detection & response content, telemetry pipelines, and automation across endpoint, network, and cloud.
7. **Managed Service Delivery** – Scale cyber defense as a shared service to markets, owners/operators, and affiliates; create onboarding frameworks, service level agreements, and playbooks tailored to market maturity and regulatory constraints.
8. **Team & Culture Leadership** – Recruit, develop, and retain a global cyber defense workforce; foster a continuous improvement mindset; champion diversity, inclusion, and corporate values.
**Required Skills**
- 12+ years in cyber security operations, incident response, or threat management.
- 5+ years in senior leadership roles within global or federated enterprises.
- Proven ability to build and deliver 24/7 SOC, IR, and threat intel programs.
- Deep knowledge of cloud, endpoint, and network detection engineering, automation frameworks, and red‑team tactics.
- Strong executive presence and communication skills for senior leadership, board, and non‑technical audiences.
- Experience delivering managed security services or shared services to diverse global markets or franchise ecosystems.
- Excellent stakeholder management, collaboration, and cross‑functional coordination.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related field (advanced degree preferred).
- CISSP and CISM mandatory; additional certifications such as GPEN, GCIH, CRISC, CompTIA PenTest+, or TOGAF may be preferred.
---