Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Technology Risk Management

M

McDonald's Corporation

Technology Risk Management

Chicago, IL
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    JOB DESCRIPTION

    Global Technology is the central IT organization to McDonald's Corporation and is made up of global and regional components. Global Technology Risk Management (GTRM) is the team ultimately responsible for the securing of McDonald’s information assets at a global level by providing services and solutions. The “customer” or partner for a GTRM service or solution could be a Director or Senior Director, a peer group in Global Technology Solutions, or any consumer of IT Services in the greater McDonald’s enterprise including Segments and Markets.

    We have an opening for you join with us as a Manager of Technology Risk Management reporting to the Director information Risk Management and Governance (IRM). This critical role will execute and deliver on components to mature McDonalds policy and standards management, information/vendor risk management, data protection (security& privacy) governance, and global user awareness training programs.

    WHAT YOU’LL BE DOING

    In your role as a MANAGER – TECHNOLOGY RISK MANAGEMENT, you will enable McDonalds to compete in a secure manner, grow our business and build on our success by driving the development, implementation, and maintenance of a global risk management program. This position is responsible for independently assessing and reporting risks and providing a view of aggregate risks. The risks identified by this team are reported to the Senior leadership, Risk Management Committees, and our Board of Directors. This position will be responsible for effectively collaborating with key stakeholders across McDonalds’ and lines of defense to ensure risks are managed effectively and efficiently in accordance with the corporate policies and applicable global and/or market regulatory requirements. The primary function of this position includes:

    • Driving the development, application, and maintenance of a cyber risk management framework, qualitative and/or quantitative-based models, and standard analysis scenarios, manage a global technology risk assessment program and risk registry
    • Perform process gap assessments, risk assessments, analyze technology and information security risks to the enterprise, identify control needs and works with the technology/product owner to drive implementation of appropriate controls to comply with McDonald’s policy and standards, and work closely with data/process owners and control performers to educate on control requirements and associated risk of non-compliance
    • Perform data-driven reviews focused on product, cloud, technology, cyber security and business continuity management risks
    • Develop and improve metrics, KPIs, and trending for the risk management activities and drive visibility and transparency of business value for completed work
    • Conduct risk acceptances in the event policies and standards are unable to be adhered on behalf of business owner for the risk, which will include documenting the risk and summarizing it for executives review and acceptance
    • Advise and influence global technology and business management regarding security best practices, risk analysis, and risk mitigation
    • Facilitate Global Technology risk working groups and committees
    • Maintain a working knowledge of current industry risk and trends as well as a clear understanding of McDonalds’s business and technical strategies in order to be accountable for identifying security risk and concerns
  • Qualifications

    Qualifications

    QUALIFICATIONS

    At McDonalds, we recruit the best people to help grow our business and build on our success. To be considered for this position you must be able to demonstrate the following:

    Requirements:

    • Minimum 5 years of experience in risk management across any of the three lines of defense
    • An understanding of risk assessment methodologies, frameworks such as NIST CSF, CSA, CIS Controls etc., and regulations e.g. GDPR, CCPA
    • Proven ability to identify risks, analyze issues and deduce meaningful insights about risk trends by conducting interviews and analyzing large volumes of data
    • Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organizational, time management and diplomacy skills
    • Ability to work independently, develop strategic direction, and work cross-functionally with strong leadership skills to drive organizational change to effectively meet strategic and tactical goals
    • Leverage analytical skills to gain insights, technical proficiency to deliver right-fit solutions, and stellar communications skills to present findings, discovery, and recommendations in a logical and easily understandable manner that focuses on business value
    • Detailed oriented with strong communication, report writing and presentation skills with working knowledge and experience in developing and reporting performance and risk metrics (e.g., KPIs/KRIs/SLA’s status reporting and dashboard for executive leadership)

    Preferred:

    • Bachelor’s degree in a related field
    • Related certifications such as CISM, CISSP, CRISC, CISA
    • Experience of eGRC platforms (e.g. OneTrust, RSA Archer, ServiceNow), risk rating services (e.g. Security Scorecard, RiskRecon)
    • Working knowledge of one or more of the data mining tools/technologies (e.g. Microsoft Excel: Pivot Tables SQL, Python, R, Power BI, Tableau)
    • Global retail/hospitality industry experience

    Additional Information

    McDonald’s is committed to providing qualified individuals with disabilities reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact recruiting.supportteam@us.mcd.com

    McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

    Nothing in this job posting or description should be construed as an offer or guarantee of employment.