Application Security Engineer Mcdonald's
Chicago, IL

Job Description

McDonald's, one of the most recognized brands in the world, is seeking an Application Security Engineer to support our security team. You will work in close collaboration with application owners, project managers, business analysts, and developers from IT Solutions teams to ensure GTRM policies and standards are being met for McDonald's initiatives. You will need to be able to take technical details and summarize them for consumption by executive leadership in the Business and IT functions.

We are moving fast and are adding to our best-in-class team. Joining McDonald's means thinking big every single day and preparing for a career that can have impact around the world. We are customer obsessed, committed to being leaders in our industry and believe we are better when we work together. Over the last year, we have launched home delivery, radically improved the digital experiences of our restaurants, introduced mobile pay and have so much more to come.

That said, the biggest area of increase in our spending has been in technology, which is helping to drive our growth. We're looking at how to use technology to improve the customer experience and build new customer experiences. We're also exploring technologies that can help us reduce or eliminate repetitive tasks and make employees' jobs more interesting and rewarding. With all the new projects and initiatives, it is an exciting time to be on the team that is helping to make a Better McDonald's!

In this role, you will develop and maintain an application security program that is designed to ensure that any software developed or acquired meets stringent McDonald's standards while enabling continued innovation to meet customers' ever-changing needs.

Additional responsibilities will include, but are not limited to:

* Providing recommendations to Information Security policies and defining governance procedures for secure application development.
* You will craft and deploy application security tools and processes to support OWASP Top 10 alignment of critical central Secure Software Development Lifecycle controls.
* Collaborating with internal and external development teams (Java, .Net, etc.) to integrate security tools, standards, and processes into the product life cycle.
* You will ensure that developers and QA personnel have the appropriate level of security knowledge and support to perform their daily activities.
* You will assist application owners and development teams with analysis and interpretation of identified vulnerabilities.
* Providing application security expertise to support the incident response and architecture review processes.
* You will establish a governance framework to benchmark the state of said program and the performance of development teams against McDonald's current program.