McDonald's
Global Cybersecurity Principal Domain Architect - Core Infrastructure
McDonald's, Chicago, Illinois, United States, 60290
Overview
The Global Cybersecurity Principal Domain Architect – Core Infrastructure will serve as a technical authority for the Network, Cloud and End-User cybersecurity architecture, leading the design and governance of security solutions across the enterprise. This position ensures alignment with business objectives, enterprise architecture, and cybersecurity strategy while driving innovation and reducing risk. The Domain Architect participates in the Architecture Review Board for cybersecurity and collaborates with other domain architects to define and enforce security standards, reference architectures, and PSPGs (Policies, Standards, Procedures, and Guidelines). Responsibilities
Own the Global Cyber Security Core Infrastructure architecture domain, ensuring end-to-end accountabilities for all initiatives. Make major architectural decisions and resolve domain-level technical challenges. Align security architecture with business objectives, enterprise architecture, technical strategy and cybersecurity strategy. Collaborate with management and additional experts in various subject areas to uphold a cohesive security posture. Advocate for secure-by-design and secure-by-default principles and influence adoption across teams. Establish and maintain a risk-weighted technical debt register for the Core Infrastructure domain; quantify impact and drive remediation with product leaders. Collaborate with engineering and product teams to ensure prioritization and secure implementation of solutions. Approve and ensure the production of architecture artifacts, security models, and design patterns. Co-create and maintain domain reference architectures and contribute to PSPGs using approved templates and governance lifecycle. Evangelize cybersecurity priorities and translate PSPGs/reference architectures into reusable patterns and guidance adopted by infrastructure, product and platform teams. Improve visibility of business risks by conducting threat modeling, mapping controls, and performing risk assessments. Provide architectural oversight for major initiatives from design through deployment. Act as a resident chair member, offering guidance on architectural decisions for cybersecurity initiatives. Stay current on emerging technologies, evolving threats, and industry trends to proactively shape and strengthen the security strategy. Mentor senior architects and engineers, improving security architecture practices. Conduct risk assessments and ensure compliance with frameworks like NIST CSF, ISO 27001, and PCI DSS. Qualifications
Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field with equivalent experience accepted. 12+ years in information security, with at least 5 years in security architecture roles. Certifications such as CISSP, CISM, SABSA, TOGAF, or equivalent. In-depth technical expertise in Core Infrastructure domain areas, including Cloud Security, Network Security, and End User technologies. This includes details like cloud platforms (AWS, Azure, GCP, OCI), RBAC, MFA, SSO, PAM, VMs, containers, KMS, DLP, SDLC, logging, monitoring, and compliance, as well as network security controls and end-user tech (office OS, devices, EDR, MDM, etc.). Technical expertise with identity and access management, data protection, encryption, Dev/Sec/Ops, application security, platform security, IoT security, and OT security. Proven experience designing security for cloud, hybrid, and on-prem environments. Deep knowledge of security frameworks (NIST, ISO 27001) and the ability to translate frameworks into enforceable enterprise standards and measurable outcomes. Experience in an Agile environment with Scrum practices; familiarity with JIRA and Confluence preferred. Demonstrated results reducing risk and security technical debt while accelerating delivery. Outstanding communication and influence skills; ability to simplify complexity for senior leadership and guide distributed teams. Strong analytical skills; ability to research issues and translate into roadmaps and leadership materials. Ability to understand business challenges, drive process improvements, and translate into solutions. Comfortable with ambiguity and ability to navigate uncertainty; fosters a culture of belonging. Compensation and Benefits
Bonus Eligible:
Yes Long-Term Incentive:
Yes Benefits Eligible:
Yes Salary Range:
The expected salary range for this role is $168,350.00 - $218,860.00 per year. Final pay may reflect experience and other factors. Additional Information:
Benefits include health and welfare benefits, 401(k), adoption assistance, educational assistance, flexible working, and time off policies. Eligibility applies. McDonald’s is an equal opportunity employer committed to diversity and inclusion. Reasonable accommodations are available for applicants with disabilities during the application or hiring process. For accommodations, contact mcdhrbenefits@us.mcd.com. McDonald’s provides equal employment opportunities and prohibits discrimination and harassment of any type. This policy applies to all terms and conditions of employment. Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Engineering and Information Technology Industries: Restaurants
#J-18808-Ljbffr
The Global Cybersecurity Principal Domain Architect – Core Infrastructure will serve as a technical authority for the Network, Cloud and End-User cybersecurity architecture, leading the design and governance of security solutions across the enterprise. This position ensures alignment with business objectives, enterprise architecture, and cybersecurity strategy while driving innovation and reducing risk. The Domain Architect participates in the Architecture Review Board for cybersecurity and collaborates with other domain architects to define and enforce security standards, reference architectures, and PSPGs (Policies, Standards, Procedures, and Guidelines). Responsibilities
Own the Global Cyber Security Core Infrastructure architecture domain, ensuring end-to-end accountabilities for all initiatives. Make major architectural decisions and resolve domain-level technical challenges. Align security architecture with business objectives, enterprise architecture, technical strategy and cybersecurity strategy. Collaborate with management and additional experts in various subject areas to uphold a cohesive security posture. Advocate for secure-by-design and secure-by-default principles and influence adoption across teams. Establish and maintain a risk-weighted technical debt register for the Core Infrastructure domain; quantify impact and drive remediation with product leaders. Collaborate with engineering and product teams to ensure prioritization and secure implementation of solutions. Approve and ensure the production of architecture artifacts, security models, and design patterns. Co-create and maintain domain reference architectures and contribute to PSPGs using approved templates and governance lifecycle. Evangelize cybersecurity priorities and translate PSPGs/reference architectures into reusable patterns and guidance adopted by infrastructure, product and platform teams. Improve visibility of business risks by conducting threat modeling, mapping controls, and performing risk assessments. Provide architectural oversight for major initiatives from design through deployment. Act as a resident chair member, offering guidance on architectural decisions for cybersecurity initiatives. Stay current on emerging technologies, evolving threats, and industry trends to proactively shape and strengthen the security strategy. Mentor senior architects and engineers, improving security architecture practices. Conduct risk assessments and ensure compliance with frameworks like NIST CSF, ISO 27001, and PCI DSS. Qualifications
Bachelor’s or Master’s in Computer Science, Cybersecurity, or a related field with equivalent experience accepted. 12+ years in information security, with at least 5 years in security architecture roles. Certifications such as CISSP, CISM, SABSA, TOGAF, or equivalent. In-depth technical expertise in Core Infrastructure domain areas, including Cloud Security, Network Security, and End User technologies. This includes details like cloud platforms (AWS, Azure, GCP, OCI), RBAC, MFA, SSO, PAM, VMs, containers, KMS, DLP, SDLC, logging, monitoring, and compliance, as well as network security controls and end-user tech (office OS, devices, EDR, MDM, etc.). Technical expertise with identity and access management, data protection, encryption, Dev/Sec/Ops, application security, platform security, IoT security, and OT security. Proven experience designing security for cloud, hybrid, and on-prem environments. Deep knowledge of security frameworks (NIST, ISO 27001) and the ability to translate frameworks into enforceable enterprise standards and measurable outcomes. Experience in an Agile environment with Scrum practices; familiarity with JIRA and Confluence preferred. Demonstrated results reducing risk and security technical debt while accelerating delivery. Outstanding communication and influence skills; ability to simplify complexity for senior leadership and guide distributed teams. Strong analytical skills; ability to research issues and translate into roadmaps and leadership materials. Ability to understand business challenges, drive process improvements, and translate into solutions. Comfortable with ambiguity and ability to navigate uncertainty; fosters a culture of belonging. Compensation and Benefits
Bonus Eligible:
Yes Long-Term Incentive:
Yes Benefits Eligible:
Yes Salary Range:
The expected salary range for this role is $168,350.00 - $218,860.00 per year. Final pay may reflect experience and other factors. Additional Information:
Benefits include health and welfare benefits, 401(k), adoption assistance, educational assistance, flexible working, and time off policies. Eligibility applies. McDonald’s is an equal opportunity employer committed to diversity and inclusion. Reasonable accommodations are available for applicants with disabilities during the application or hiring process. For accommodations, contact mcdhrbenefits@us.mcd.com. McDonald’s provides equal employment opportunities and prohibits discrimination and harassment of any type. This policy applies to all terms and conditions of employment. Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Engineering and Information Technology Industries: Restaurants
#J-18808-Ljbffr