About McDonald’s:One of the world’s largest employers with locations in more than 100 countries, McDonald’s Corporation has corporate opportunities in Hyderabad. Our global offices serve as dynamic innovation and operations hubs, designed to expand McDonald's global talent base and in-house expertise. Our new office in Hyderabad will bring together knowledge across business, technology, analytics, and AI, accelerating our ability to deliver impactful solutions for the business and our customers across the globe.Global Tech Infrastructure & Operations – Cloud Security Engineer IIIJob Summary:This opportunity is part of the Global Technology Infrastructure & Operations team (GTIO), where our mission is to deliver modern and relevant technology that supports the way McDonald’s works. We provide best-in-class foundational technology products and services including Global Networking, Cloud, End User Computing, and IT Service Management. It’s our goal to always provide an engaging, The Cloud Security Engineer III role is part of the Cloud Infrastructure and Operations team in Global Technology Infrastructure & Operations. This role is responsible for delivering the enterprise-grade security platform engineering outcomes, delivering enhancements and automating security remediations, supporting DevOps and Engineers consuming cloud resources to ensure it is done in a meaningful and secure manner, and engaging with cybersecurity and risk management teams to improve the security posture of the cloud environments.This is an exciting opportunity for an experienced technology leader to help shape the transformation of infrastructure and operations products and services to the entire McDonalds environment.Responsibilities & Accountabilities:Automate the provisioning of cloud monitors, automated remediation, security baselines and templates, etc through the concept of pipeline engineering.Implement core cloud security capabilities such as identity & access, data protection, security controls and compliance, vulnerability management, threat detection and response, and logging/monitoring.Performing penetration testing, red/blue teaming, and gap analysis with audit and cybersecurity partners.Support operations and incident response in cloud events and incidents.Design and deploy programs, dashboards, tests, scripts, and automation to enhance cloud security posture, detection, and response.Build prototypes and perform proof of concepts to demonstrate security valueRemain up-to-date on emerging technologies and architecture and propose ways to use them in current and upcoming projects.Educate and guide team members on cloud standards, procedures, and guidelines/best practices.Act as a SME for all Cloud technical hands-on questions cloud security related.Lead and facilitate the creation of compliance automation and policy-as-code to streamline cloud governance in partnership with the Technical Product Analyst(s) and Manager(s).Strive to provide internal and external customers with excellent customer service and world-class service and focus on improvement and benefits to the cloud consumer’s outcomes.Influence and support more junior cloud security engineers and help develop their skill sets and understanding of cloud security.Basic QualificationsMust be fully vaccinated (i.e., at least 2 weeks after last dose) for COVID-19 and, if hired, present proof of vaccination by start date.Willingness and ability to live the McDonald’s values every day: Serve, Inclusion, Integrity, Community, and Family.Ability to effectively communicate with other senior leaders of IT on program strategies and plans and negotiate quality solutions.Must be attentive to details, organized, self-motivated, and driven.Ability to create system and process flow diagrams, data flow diagrams, sequence and UML diagrams, inter and intra system dependencies within the functional domain and across themKnowledge and understanding of industry trends and new technologies and ability to apply trends to architectural needs.Excellent written and oral communication skills with ability to communicate effectively with technical and non-technical staff.Defines and promotes best practices; cultivates a culture of innovation and learning, including willingness to instruct and coach in a cloud training program as needed.Demonstrated strong analytic and problem-solving abilities.Expert technical knowledge in two or more and strong technical knowledge in 4 or more of the following domains:Cryptography, encryption, and key managementData protection and securityGovernance and risk managementIdentity, access and permissionsInfrastructure securityLogging and monitoringSecurity event and incident responseThreat and vulnerability managementApplication and interface securityDevOps pipeline governance and securityProfessional-level cloud certifications (GCP, AWS, or Azure)Required Qualifications:4+ years of Cloud development and support experience such as, Amazon Web Services (AWS) or Google Cloud Platform (GCP)Infrastructure as Code (IaC) experience: Terraform - scripting and automation via AZ CLI/PowerShell, Bash, Python, Shell etc.Experience in cloud security is required.Demonstrated ability to provide architectural design, leadership, management, and mentoring to team members.Experience developing design specifications, test plans, and protocols.Experience mentoring less experienced team members.Deep experience in building Kubernetes environment is preferred.Good to have Experience:Prior experience in security Windows and Linux servers at scale. Enabling DevOps in IaaS/PaaS is a plus.Experience in multiple programming languages like Python, C#, Java, JavaScript, Ruby on rails etc.CCSK or similar technical security certification.
Job Title
Cloud Security Engineer III [T500-17992]