
Director, Threat Operations & Penetration Testing

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: McDonald's Corporation
Full Time position
Listed on 2026-05-21
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security, Security Manager
Salary/Wage Range or Industry Benchmark: 195371 - 244214 USD Yearly

Job Description:

Company Description

McDonald’s is proud to be one of the most recognized brands in the world, with restaurants in over 100 countries that serve 70 million customers daily. We continue to operate from a position of strength. Our updated growth strategy is focused on staying ahead of what our customers want and realizing further growth potential. Our relentless ambition is why McDonald’s remains one of the world’s leading corporations after almost 70 years.

Joining McDonald’s means thinking big and preparing for a career that can have influence around the world.

At McDonald’s, we see every day as a chance to create positive impact. We lead through our values centered on inclusivity, service, integrity, community and family. From support of Ronald McDonald House to our Youth Opportunity project and sustainability initiatives, our values keep us dedicated to using our scale for good: good for our customers, people, industry and planet. We also offer a broad range of outstanding benefits including a sabbatical program, tuition assistance and flexible work arrangements.

Department

Overview

The Director, Threat Operations & Offensive Security is responsible for defining, leading, and scaling a global cybersecurity program spanning two critical pillars:

  • Threat Operations — Insider Risk, Threat Hunting, and Cyber Threat Exposure Management (CTEM)

  • Offensive Security — Red Teaming, Penetration Testing, and Adversary Simulation

This role leads a geographically distributed team across the United States and United Kingdom, sets strategic direction, and ensures all activities translate into measurable risk reduction and enhanced detection/response capabilities for the enterprise. You will partner closely with Incident Response, Detection Engineering, Security Operations (GSOC), Engineering, and Technology Risk stakeholders to drive cross-functional outcomes.

This role balances strategic program leadership, deep technical expertise, and executive communication—reporting to the Sr. Director, Cyber Defense within Global Cyber Security (GCS).

Duties

Strategy & Program Leadership
  • Define and execute the global strategy and multi-year roadmap for Threat Operations and Offensive Security programs
  • Establish measurable goals, KPIs, and OKRs aligned to enterprise cyber risk reduction
  • Drive integration between CTEM, threat hunting, insider risk, detection engineering, and offensive testing to create a unified threat-informed defense model
  • Provide executive-level reporting on program outcomes, risk posture, and operational metrics to GCS and Global Technology leadership
Threat Operations
  • Insider Risk — Lead the insider threat program to detect, investigate, and mitigate internal threats through behavioral analytics, policy enforcement, and cross‑functional partnerships (HR, Legal, Compliance)
  • Threat Hunting — Mature proactive threat hunting capabilities to identify advanced persistent threats, anomalous activity, and gaps in detection coverage across the global enterprise
  • Cyber Threat Exposure Management (CTEM) — Own the CTEM lifecycle including attack surface visibility, exposure prioritization, vulnerability validation, and remediation tracking in partnership with GRC/TPRM and engineering teams
  • Develop playbooks, automation, and operational processes to scale threat operations capabilities
Offensive Security
  • Lead penetration testing programs across application, cloud, network, infrastructure, mobile, and SaaS environments
  • Plan and execute Red Team and Purple Team operations, breach & attack simulations (BAS), and adversary emulation exercises informed by real‑world threat intelligence
  • Oversee the Vulnerability Disclosure Program (VDP) and External Attack Surface Management (EASM) validation activities
  • Translate offensive findings into prioritized, risk‑ranked remediation actions and validate effectiveness of security controls and detection capabilities
  • Lead targeted risk assessments and custom exercises (e.g., tabletop simulations, physical security…