Sr Network Security Architect

Department Overview

GTIO’s mission is to deliver modern, relevant technology that supports how McDonald’s operates globally. We provide foundational technology services including Global Networking, Cloud, End User Computing, and IT Service Management, all designed to create a seamless and engaging experience for our users.

The Sr Network Security Architect will partner with the Director of Global Network Security to craft and improve McDonald’s network security setup. This includes enhancing existing capabilities to meet the growing demands of securing our users, devices, networks, applications, and data. 

The Network Security Platform team is responsible for the securing of McDonald’s information assets at a global level. This role will be part of the group within Global Technology that is responsible for our network security critical services, including firewall, IPS/IDS , Content Filtering, SASE, SSE, ZTNA, VPN and DDoS. Direct strategic vision, technical advancements, and daily functionality of security solutions in Network Security portfolio.

In this position, individuals will engage closely with market technology teams, Global Technology Risk Management teams, Global Technology Infrastructure and Operations teams, application owners, key vendors, and others to safeguard the detailed development and operation of McDonald’s network security services.

Accountabilities and Responsibilites:

• Develop and maintain Network Security Architectures for McD Networks including cloud, hybrid, and on-prem environments.
• Define Network Security Strategy and Architecture with business objectives and regulatory requirements (NIST, GDPR etc)
• Develop and Sustain Automation Strategy and Architecture within the Network Security domain.
• Create and maintain architecture diagrams, policies, and procedures for network security.
• Work closely with risk, compliance and senior Product
• Conduct threat modeling and risk assessments for network and systems to identify vulnerabilities and recommend mitigation strategies
• Evaluate and integrate security technologies such as firewalls, IDS/IPS, VPNs, Zero Trust Network Access, NAC, SASE and SSE technologies,
• Analyze complex network security issues, resolve causes, and identify corrective actions.
• Assess global/market strategic and practical needs to ensure network security Architecture meet business requirements.
• Lead technical evaluation and vendor selection for innovative platform development.
• Establish, document, and convey network security norms, effective strategies, and blueprints.
• Lead transformation, standardization, and innovation efforts for global and regional network security requirements.
• Partner with teams to deliver network self-healing automation for security events and incidents.
• Mentor and motivate a high-performing team of analysts and engineering professionals.

Qualifications

• Bachelor’s degree in engineering, Computer Science, Network, Cyber security
• Experience in leading the innovation and standardization of network security solutions across the business.
• Familiarity with complex multinational companies and distributed business models.
• Professional certifications such as CCIE Security, PCNSE, CISM, CISSP, SABSA.
• Experience working with an Agile environment. Familiar with documentation process and tools, JIRA and Confluence preferred.
• Experienced with Dev/Ops and CI/CD pipeline tools and processes are advantageous.
• Indepth knowledge and experience (7+ Years) in Architecting, designing, building, supporting, and leading network security products, including, but not limited to SSE, Firewalls, Proxy, ZTNA.
• Consistent track record (5+ Years) in planning, crafting, constructing, maintaining, and leading all aspects of fundamental corporate networks: encompassing Routing, Switching, LAN, WAN, SD-WAN, and MPLS.
• Demonstrated knowledge of developing network security standards and policies and transforming networks to adhere to them.
• Proficient in implementing Network Security in Cloud platforms such as AWS, Azure and/or GCP
• Familiarity with security frameworks (e.g., NIST,SABSA).
• Experience collaborating with business leaders, Technology Directors, and application owners.
• Experience with SIEM/SOAR, NDR etc.
• Proficiency in guiding the assessment and choice of new technologies to transform them into roadmaps and construct arguments.
• Proficiency in deploying broad automation (e.g. Network as Code) to support network security offerings.

Compensation

Bonus Eligible: Yes

Long - Term Incentive: Yes

Benefits Eligible: Yes

Salary Range

The expected salary range for this role is $149,260.00 - $190,310.00 per year
 
The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.