Sr Analyst, Cyber Defense

Job Description:McDonald's is proud to be one of the most recognized brands in the world, with restaurants in over 100 countries that serve 70 million customers daily. As the global leader in the foodservice industry, our legacy of innovation and hard work continues to drive us.From drive-thru updates to delivery to mobile order and pay, we are innovating quickly and growing. Joining McDonald's means thinking big and preparing for a career that can have influence around the world.At McDonald's, we see every day as a chance to create a positive impact. We lead through our values centered on inclusivity, service, integrity, community, and family. From the support of Ronald McDonald House Charities to our Youth Opportunity project and sustainability initiatives, our values keep us dedicated to using our scale for good: good for our customers, people, industry, and the planet. We also offer outstanding benefits including a sabbatical program, tuition assistance, and flexible work arrangements.We are an equal opportunity employer committed to the diversity of our crew members, staff, operators, and suppliers. We promote an inclusive work environment that creates feel-good moments for everyone. We are interested in people who enhance our company culture: Does this role interest you? We encourage you to apply even if you don't meet every single requirement!Department OverviewAs an L3 Response Analyst in the Security Operations Center (SOC), you apply defensive techniques and information from multiple sources to detect, analyze, and report cybersecurity incidents. You help protect McDonald's information assets. You support Incident Response, handle crisis situations, and reduce both immediate and potential cyber threats. Your knowledge of security operations, event monitoring, eDiscovery, forensics, and incident response is essential. This role is part of Global Cyber Security (GCS), which manages our Cybersecurity Defense & Incident Response program and critical services. It ensures leadership receives informed, risk-based insights.Working within the Incident Response team and coordinating with other Cyber Defense teams to identify and report on security incidents as they occur and overseeing end-to-end remediation. Activities will include triaging security events, network and endpoint analysis, malware reverse engineering, threat hunting, vulnerability-related blocking issues, and resolving security incidents from detection to remediation. As part of the Security Defense team, you will create and implement standard operating procedures, playbooks, and processes to help streamline response monitoring, investigations, and analysis research. The role works directly within GCS, the organization responsible for our Cybersecurity Defense & Incident Response program and critical services, ensuring our leadership makes informed risk-based decisions.DutiesThe ideal candidate must have strong knowledge of cybersecurity practices, cloud platforms, detection and response systems, and all incident-handling phases (containment, eradication, recovery, and lessons learned). They must follow and promote established incident response playbooks and procedures, work accurately, and collaborate effectively with global cross-functional teams.Required CompetenciesAdvanced understanding of computer networking concepts, protocols, and network security methods.Solid experience assessing and reducing cyber threats and vulnerabilities.Advanced skills in authentication, authorization, and access control.Ability to apply and develop intrusion detection methods for host- and network-based threats.Strong knowledge of system and application security risks and the ability to develop and implement mitigation measures.Broad awareness of network attacks, related threats and vulnerabilities, and the ability to define countermeasures.Expertise in adversarial tactics, techniques, and procedures, with the ability to anticipate and neutralize them.Proficiency in eDiscovery and forensic investigations, including evidence collection, preservation, analysis, and presentation.Deep understanding of cyber-attack phases and the ability to design defense strategies for each stage.Skill in Windows, MacOS, and/or Linux, including advanced security setup and troubleshooting.Experience mentoring junior analysts and supporting their skill development.Ability to design and implement advanced threat detection and response strategies.Skill in presenting detailed information and recommendations to senior management.ResponsibilitiesContinuously monitor and analyze system activity with security operations tools to detect malicious behavior.Analyze network traffic and logs to identify threats to McDonald's assets.Provide timely detection, identification, and analysis of potential attacks, distinguish threats from normal activity, and review tuning recommendations.Work with key collaborators to validate security events and support incident remediation.Perform event correlation for situational awareness and attack assessment.Conduct security operations and incident response trend analysis and reporting.Perform eDiscovery and forensic investigations to support incident investigations.Mentor analysts to support performance and growth aligned with team and organizational objectives.Develop and execute remediation plans based on incident response requirements.Support threat hunting across market networks by identifying IOCs and evidence of compromise.Lead and mentor junior analysts to strengthen team capability.Minimum RequirementsBachelor's degree or equivalent experience in Computer Science, Cybersecurity, IT, Software Engineering, Information Systems, or Computer Engineering.5+ years of experience in security operations or incident response, with a focus on forensic capabilities.Desired SkillsCertifications such as GIAC, GCIH, GCIA, ITIL, GCFE, or GCFA.Familiarity with the NIST Risk Management Framework, NIST Cybersecurity Framework, and Cyber Kill Chain.Experience with case management platforms, SOAR, email protection, SIEM, EDR tools, and forensic tools (Autopsy, Velociraptor, Ghidra).Experience working with large, complex multinational organizations.Experience developing automation with scripting languages such as Python.CompensationBonus Eligible: YESLong - Term Incentive: YESBenefits Eligible: YESSalary RangeThe expected salary range for this role is $127,332.00 - $159,165.00 per year. The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.Additional InformationBenefits eligible: This position offers health and welfare benefits, a 401(k) plan, adoption assistance program, educational assistance program, flexible ways of working, and time off policies (including sick leave, parental leave, and vacation/PTO). Eligibility requirements apply to some benefits and may depend on job classification and length of employment.Equal Opportunity and Disability AccommodationMcDonald's is an equal opportunity employer committed to the diversity of our workforce. We promote an inclusive work environment that creates feel-good moments for everyone. McDonald's provides reasonable accommodations to qualified individuals with disabilities as part of the application or hiring process or to perform the essential functions of their job. If you need assistance accessing or reading this job posting or otherwise feel you need an accommodation during the application or hiring process, please contact mcdhrbenefits@us.mcd.com. Reasonable accommodations will be determined on a case-by-case basis.McDonald's provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.Nothing in this job posting or description should be construed as an offer or guarantee of employment.J-18808-Ljbffr