Senior Director Cybersecurity – IAM and Architecture

Company Description

McDonald’s new growth strategy, Accelerating the Arches, encompasses all aspects of our business as the leading global omni-channel restaurant brand. As the consumer landscape shifts, we are using our competitive advantages to further strengthen our brand. One of our core growth strategies is to Double Down on the 4Ds (Delivery, Digital, Drive Thru, and Development). Our growth pillars emphasize the critical role technology plays as the best-in-class, global omni-channel restaurant brand. Technology enables the organization through digital technologies, and improving the customer, crew, and employee experience each and every day.

Leading the security of our business is the Global Cyber Security (GCS) organization made up of leading practitioners who partner with the enterprise and provide security for the next set of groundbreaking opportunities business. We take on the highest security challenges for McDonalds – driving security platforms, enabling McDonalds to do business securely, and helping continuously mature secure practices for McDonalds all while improving operational effectiveness. GCS provides access to compelling career paths for aspiring technologists. It’s bonus points when you get to see your family and friends use the tech you secure at their favorite McDonald’s restaurant.

Job Description

The Senior Director of Identity and Access Management (IAM) will lead the development and implementation of innovative IAM strategies and solutions to enhance the security and efficiency of our organization’s identity and access management processes. We are seeking a leader who can envision the future, understand technical aspects, handle projects well, and collaborate with various teams and collaborators. Lead all aspects of the IAM program, including Identity governance and Administration (IGA), Privileged Access Management (PAM), Cloud Identity, Authentication and Authorization (AM), Directories (Active Directory, Azure AD) and Federation.

Accountabilities & Responsibilities:

• Drive the creation of pioneering IAM strategies that incorporate the newest technologies and methodologies creating security efficiency.
• Develop a strategic vision for User Access Enforcement that leverages Active Directory/Entra ID, federation, access brokers, and reverse/forward proxies to ensure robust Zero Trust capabilities.
• Lead large-scale IAM projects, ensuring they align with organizational goals and follow regulatory requirements.
• Develop and implement organization-wide strategies for Identity Provisioning, Privileged Access Management, two-factor authentication, Single Sign-On, and IAM governance.
• Provide authority solution architecture for IAM, tailoring solutions to meet the specific needs of various internal projects.
• Understand diverse requirements (user experience, location-specific, franchise-specific) and implement standardized products and methods to maintain functionality and security.
• Engage with senior leadership to ensure cybersecurity priorities are integrated into product development and organizational strategies.
• Continuously challenge and improve current IAM approaches to enhance services, platforms, architectures, and delivery methods.
• Promote a culture of innovation and continuous improvement within the IAM team, encouraging new ideas.
• Provide strong leadership to the IAM team, fostering a collaborative, high-performing environment.
• Enhance the organization’s ability to securely and efficiently manage identities and access across the network.
• Develop long-term strategic plans for IAM that align with the organization’s overall goals and future direction.
• Oversee the execution of these plans, ensuring they are implemented effectively and deliver the desired outcomes.
• Identify potential risks related to identity and access management and develop strategies to mitigate these risks.
• Design IAM solutions that provide a seamless and secure user experience, balancing security with usability.

Qualifications

Basic Qualifications:

• 5+ years leading IAM teams of at least 20 people.
• Bachelor’s degree or equivalent experience in Computer Science or Cyber Security.
• Ability to craft significant agreements with long-term implications.
• Required Skills: Demonstrated proficiency in IAM technologies, including Active Directory, Azure ID, Entra ID, PAM, and Microsoft Suite of Security for IAM.
• Strong people leadership skills and the ability to build and maintain relationships across the network.
• Strong critical thinking and problem-solving abilities.
• Able to optimally communicate to all levels of the organization.

Preferred Qualifications:

• Demonstrated success in leading large-scale IAM initiatives.
• Proficiency in IAM Technologies: Well-versed in PAM, IGA, AM, Active Directory, and other IAM technologies, with hands-on experience in deploying cloud-native SaaS IAM solutions.
• Ability to quickly adapt to sophisticated environments and lead change with minimal guidance.
• Exceptional leadership and people management skills, with experience in addressing and resolving leadership challenges.
• Relevant certifications like CISSP, CISM, CISA are a plus.
• Experience with Cloud Infrastructure and Entitlements Management, Identity Threat Detection and Response, and implementing IAM controls for multi-cloud environments (AWS, Google, etc.).

Additional Information

McDonald’s is committed to providing qualified individuals with reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact recruiting.supportteam@us.mcd.com

McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Nothing in this job posting or description should be construed as an offer or guarantee of employment.