We are seeking a Detection Engineer who will support in building out and improving McDonald’s ability to effectively detect and respond to threats. You will collaborate closely with cybersecurity experts, Global Technology teams, service partners, and business leaders to assess detection gaps across McDonald’s and drive the development, deployment, and maintenance of our global threat detection capabilities. This role will have a direct impact on building capabilities for the program through strong technical contributions. As a Detection Engineer, you must have a strong technical foundation and understanding of security concepts, solutions and technologies. This role is perfect for those looking to take the next step in their cybersecurity career, offering a unique opportunity to learn and grow while making a significant impact on one of the world’s most recognizable brands.
Must be familiar with frameworks such asMITRE ATT&CK and the Cyber Kill Chainand how to utilize them to assess detection capabilities and coverage. You should excel in identifying opportunities for developing new threat detection use cases based on security telemetry, environment baselining, actionable threat intelligence and Incident Response lessons learned. You should be able to identify gaps in our detection coverage across global infrastructure, and work with business partners to gain visibility and control through logging and detection content. Experience with enterprise security services such as EDR, SIEM, Email Security Gateways, and SOAR is essential.
Responsibilities:
Drive the implementation and ongoing maintenance of the alerting and detection strategy (ADS) framework across all enterprise security services. Perform detection engineering and regularly write/maintain detection logic to identify suspicious activity. Document & track detection capabilities across numerous data sources. Support building process around Detection Development Lifecycle and drive ongoing process development/improvement efforts. Build automation and orchestration playbooks to streamline detection engineering, threat hunting and incident response activities. Participate in threat hunts to proactively identify threats in our corporate and market environments. Regularly review current use cases/detection logic to identify and remove gaps in coverage. Aid in efforts to gain greater visibility and control of our global environments. Collaborate with operations/engineering teams to enable detection engineering in services where cybersecurity response capability is limited. Act as a cybersecurity subject matter expert and contribute to the design and evolution of our enterprise security controls across our global environment. Keep up to date with current threat intelligence, trends, TTPs, and vulnerabilities to understand the cyber threat landscape as it applies to McDonald's. Document internal team policies and procedures for completing core functions and detection engineering lifecycle. Participate in purple team exercises with cyber defenders and action outputs from the GCS Offensive Security team.
Minimum Requirements:
4+ years of hands-on in-depth knowledge and technical experience in security operations including detection engineering, threat hunting, incident response, digital forensics, and/or threat intelligence. Exposure to data science and analytics solutions applicable to cybersecurity. Outstanding organizational, prioritization, communication, and multitasking skills, including the ability to translate technical concepts to non-technical stakeholders. Excellent written and verbal communication/presentation skills to effectively describe security event details and technical analysis.
Desired skills:
Supporting detection engineering in complex global organizations using broad technology stacks. Automating security detection and response, including requirements gathering from internal customers on high value use cases. Developing content using scripting languages like Python, JavaScript or similar. Self-starter and creative problem-solver able to work well independently as well as part of a cohesive global team.
Qualifications: Bachelor's degree in Cybersecurity, Detection Engineering, related technical fields, or equivalent practical experience Professional certifications such as GSEC, GMON, GDAT, CSAE, CSIE, OSCP, GCIH, and PCSAE. Additional Information:
At McDonald’s we are People from all Walks of Life...
People are at the heart of everything we do, and they make the McDonald’s experience. We embrace diversity and are committed to creating an inclusive culture that means people can be their best authentic self in our restaurants and offices, which helps us to better serve our customers. We have a strong heritage of diversity and representation within our communities, which we are proud of. The diversity of our people, customers, Franchisees, and suppliers gives us strength.
We do not tolerate inequality, injustice, or discrimination of any kind. These are hugely important issues and a brand with our reach and relevance means we have a very meaningful role to play.
We also recognise our responsibility as a large employer to continue being active in our communities, helping to develop skills and drive aspirations that will help people to be more aware of the world of work and more successful within it, whether with McDonald’s or elsewhere."
