McDonald’s Global Cyber Security is looking for a highly motivated, diligent, and skilled analyst to join the Vulnerability Management Technology team.  McDonald’s Vulnerability Management team protects McD’s customers, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Vulnerability Management is a capability of Global Security Services within the larger Global Cyber Security Operations (GCS) function. Join us as Analyst, Cybersecurity Operations (Vulnerability Management) to support and improve our efforts to identify and reduce McDonald’s attack surface and help our business continue to have remarkable impacts on our customer’s lives.This role is a key member of the Vulnerability Management team and works with internal and external groups to identify and drive remediation of information security risks.  In this role, you will develop new Cybersecurity services and enhancing existing services to meet the increasing needs for protecting our users, devices, networks, applications, and data through vulnerability management.  The ideal candidate will have prior experience building and managing a vulnerability management platform, analyzing vulnerabilities to determine applicability and impact, reporting vulnerability and risk information to senior leadership, and leading prioritization and remediation strategies in an enterprise environment.Responsibilities:Maintain awareness of critical vulnerabilities and emerging threats that may impact McDonald’s.Focus on developing processes and business relationships for the effective and timely remediation of vulnerabilities in McDonald’s environment.Maintain key stakeholder relationships and communications to ensure agreed to SLA’s are understood and exceptions escalated as requiredUtilize vulnerability management infrastructure that includes scanners, sensors, and agent configurations. (Tenable/Nessus, Security Center, Qualys, Wiz, ServiceNow and RBVM for vulnerability management.)Serve as a Vulnerability Management Subject Matter Expert (SME) assisting operational teams in understanding criticality of detected vulnerabilities, as well as providing remediation guidance. Focus on prioritization of vulnerabilities based on potential impact to McDonald’s; exposure and likelihood of compromise based on Common Vulnerability Score System (CVSS); Tenable Vulnerability Priority Rating (VPR); external threats; and internal risk factors.Mange VM projects with a focus on analytics and security.Assist in identifying gaps, performance issues, growth of usage, and other metrics to show the health and effectiveness of vulnerability management platforms.Assist others with developing reporting and providing analysis around enterprise vulnerability data.Create, modify, and mature vulnerability management reports and metrics to drive remediation of vulnerabilities throughout McDonald’s environments.Analyze large data sets to understand risks and trends and improve reporting maturity through risk-based prioritization, automation and consolidation.Analyze large data sets to improve processes related to communication of vulnerabilities and actionable results to key stakeholders.Participate in the development of ongoing vulnerability data management strategies.Develop insights that lead to short- term and long-term improvements in the enterprise vulnerability management program.Review and create technical documentation, reports, and policies.Partner with other security practitioners, and technology leaders to share best practices and insights.Assist with cybersecurity risk assessments, IT audits and/or vulnerability assessmentsEnsure timely communication and project updates through designated remote productivity platforms.Participate in virtual meetings and contribute to discussions using video conferencing software.Ability to support 24 x 7 x 5 stakeholdersBenefits eligible: Yes
Bonus eligible: Yes
The expected salary range for this role is $98,140 – $125,130 per year 
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.