McDonald’s new growth strategy, Accelerating the Arches, encompasses all aspects of our business as the leading global omni-channel restaurant brand. As the consumer landscape shifts we are using our competitive advantages to further strengthen our brand. One of our core growth strategies is to Double Down on the 3Ds (Delivery, Digital and Drive Thru). McDonald’s will accelerate technology innovation so 65M+ customers a day will experience a fast, easy experience, whether at one of our 25,000 and growing Drive Thrus, through McDelivery, dine-in or takeaway.

Leading this tech revolution is McDonald’s Global Technology organization made up of intrapreneurs who get to build really cool tech with scary smart people using the latest innovations like AI, IOT, and edge computing. We do this working along diverse, global teams who are always hungry for a challenge. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.

As we have matured as an engineering organization and seen the demands for technology grow exponentially, we’re gearing up to deliver on the next set of opportunities for the business. We are building up an engineering team in house accountable for our strategic products. We’ll have diverse squads made up of engineers with traditional and specialized skillsets, both from internal engineers coupled with our partners, to help us flex with demand and solve technology innovation challenges done at an incredible scale.

Global Technology is the central IT organization to McDonald's Corporation and is made up of global and regional components. Global Technology Risk Management (GTRM) is the team ultimately responsible for the securing of McDonald’s information assets at a global level by providing services and solutions. The “customer” or partner for a GTRM service or solution could be a Director or Senior Director, a peer group in Global Technology Solutions, or any consumer of IT Services in the greater McDonald’s enterprise including Segments and Markets.

We have an opening for you join with us as a Supervisor of Technology Risk Management reporting to the Manager – Technology Risk Management. This critical role will execute and deliver on components to mature McDonald’s policy and standards management, information/vendor risk management, data protection (security& privacy) governance, and global user awareness training programs.

What You’ll be Doing

In your role as a Supervisor – Technology Risk Management, you will enable McDonald’s to compete in a secure manner, grow our business and build on our success by driving the development, implementation, and maintenance of a global risk management program. This position is responsible for independently assessing and reporting risks and providing a view of aggregate risks. The risks identified by this team are reported to the Senior leadership, Risk Management Committees, and our Board of Directors. This position will be responsible for effectively collaborating with key stakeholders across McDonalds’ and lines of defense to ensure risks are managed effectively and efficiently in accordance with the corporate policies and applicable global and/or market regulatory requirements. The primary function of this position includes:

• Implement cyber risk management framework, qualitative and/or quantitative-based models, and standard analysis scenarios, manage a global technology risk assessment and risk registry
• Perform process gap assessments, risk assessments, analyze technology and information security risks to the enterprise, identify control needs and works with the technology/product owner to drive implementation of appropriate controls to comply with McDonald’s policy and standards, and work closely with data/process owners and control performers to educate on control requirements and associated risk of non-compliance
• Perform data-driven reviews focused on product, cloud, technology, cyber security and business continuity management risks
• Develop and improve metrics, KPIs, and trending for the risk management activities and drive visibility and transparency of business value for completed work
• Conduct risk acceptances in the event policies and standards are unable to be adhered on behalf of business owner for the risk, which will include documenting the risk and summarizing it for executives review and acceptance
• Advise and influence global technology and business management regarding security best practices, risk analysis, and risk mitigation
• Facilitate Global Technology risk working groups and committees
• Maintain a working knowledge of current industry risk and trends as well as a clear understanding of McDonalds’ business and technical strategies in order to be accountable for identifying security risk and concerns

At McDonald’s, we recruit the best people to help grow our business and build on our success. To be considered for this position you must be able to demonstrate the following:

Requirements:  

• Minimum 3 years of experience in risk management across any of the three lines of defense
• An understanding of risk assessment methodologies, frameworks such as NIST CSF, CSA, CIS Controls etc., and regulations e.g. GDPR, CCPA
• Proven ability to identify risks, analyze issues and deduce meaningful insights about risk trends by conducting interviews and analyzing large volumes of data
• Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organizational, time management and diplomacy skills
• Ability to take initiative, work independently, develop strategic direction, and work cross-functionally with strong leadership skills to drive organizational change to effectively meet strategic and tactical goals
• Leverage analytical skills to gain insights, technical proficiency to deliver right-fit solutions, and stellar communications skills to present findings, discovery, and recommendations in a logical and easily understandable manner that focuses on business value
• Detailed oriented with strong communication, report writing and presentation skills with working knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs/SLA’s status reporting and dashboard for executive leadership)

Preferred:

• Bachelor’s degree in a related field 
• Related certifications such as CISM, CISSP, CRISC, CISA
• Experience of eGRC platforms (e.g. OneTrust, RSA Archer, ServiceNow), risk rating services (e.g. Security Scorecard, RiskRecon)
• Working knowledge of one or more of the data mining tools/technologies (e.g. Microsoft Excel: Pivot Tables SQL, Python, R, Power BI, Tableau)
• Global retail/hospitality industry experience

Must have received or be willing to receive the COVID-19 vaccination by date of hire to be considered. Proof of vaccination required.

McDonald’s is proud to be one of the most recognized brands in the world, with restaurants in over 100 countries that serve 70 million customers daily. As the global leader in the food service industry, our legacy of innovation and hard work continues to drive us.

From drive thru updates to delivery to mobile order and pay, we are innovating quickly and growing. Joining McDonald's means thinking big and preparing for a career that can have influence around the world.

At McDonald’s, we see every day as a chance to create positive impact. We lead through our values centered on inclusivity, service, integrity, community and family. From support of Ronald McDonald House Charities to our Youth Opportunity project and sustainability initiatives, our values keep us dedicated to using our scale for good: good for our customers, people, industry and planet. We also offer outstanding benefits including a sabbatical program, tuition assistance and flexible work arrangements.

While most of us are working remote during COVID-19, we're excited to get back to our state-of-the-art headquarters in the booming West Loop of downtown Chicago! It's set up to be a global hub that cultivates collaboration:

• Take a class at Hamburger University
• Sample future items in our Test Kitchen
• Utilize the latest technology to connect with your team around the globe

We are an equal opportunity employer committed to the diversity of our crew members, staff, operators, and suppliers. We promote an inclusive work environment that creates feel-good moments for everyone. We are interested in people who enhance our company culture: Does this role interest you? We encourage you to apply even if you don’t meet every single requirement!

McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact [email protected]

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.