Sobre

• Company Description
• McDonald’s new growth strategy, Accelerating the Arches, encompasses all aspects of our business as the leading global omni-channel restaurant brand. As the consumer landscape shifts, we are using our competitive advantages to further strengthen our brand. One of our core growth strategies is to Double Down on the 3Ds (Delivery, Digital and Drive Thru). McDonald’s will accelerate technology innovation so 65M+ customers a day will experience a fast, easy experience, whether at one of our 25,000 and growing Drive Thrus, through McDelivery, dine-in or takeaway.
• Leading this revolution is McDonald’s Global Technology organization made up of intrapreneurs who get to build really cool tech with scary smart people using the latest innovations like AI, IOT, and edge computing. We do this working along diverse, global teams who are always hungry for a challenge. It’s bonus points when you get to see your family and friends use the tech you build at their favorite McD restaurant.
• We’re recruiting engineers to join our Global Technology team in Mexico City, Mexico as we open our McDonald’s Mexico office. Our Mexico City office will be a hub for technology innovation and operational support to help us build the solutions that will improve our customer, crew and employee experience each and every day.
• Check out the McDonald’s Global Technology Technical Blog to learn how technology and our global team are directly enabling the Accelerating the Arches strategy.
• Job Description
• McDonald’s is seeking a Sr Analyst – Application Security to lead secure coding practices efforts and ensure secure applications are being develop across the enterprise. This role expands beyond standard analyst responsibilities by providing leadership in prioritization, advanced testing, and reporting, while mentoring junior analysts and coordinating remediation activities. The Sr Analyst will also engage with internal customers to provide strategic guidance on security findings and ensure timely resolution.
• McDonald’s is investing heavily in technology to drive our growth. We’re looking at how to use technology to improve customer experience and build new customer experiences. We’re also exploring technologies that can help us reduce or eliminate repetitive tasks and make employees’ jobs ultimately exciting. With all the new projects and initiatives, it is a dynamic era in our cybersecurity growth, helping to make a safer and Better McDonald's!
• This position emphasizes comprehensive reporting, oversight of code reviews for security issues, and execution of advanced testing activities to validate application security posture.

Responsibilities & Accountabilities

Application Security Program Development

• Design, implement, and maintain application security processes aligned with organizational standards and industry best practices.

Lead Vulnerability Management

• Oversee monitoring, tracking, and management of application security vulnerabilities across multiple platforms.

Prioritization & Risk Assessment

• Evaluate risk and prioritize remediation efforts based on severity, business impact, and compliance requirements.

Advanced Scan & Test

• Execute and validate SAST/DAST scans, perform manual penetration testing, and oversee complex testing scenarios.

Code Review Oversight

• Guide and participate in code reviews to identify security vulnerabilities and enforce secure coding standards.

Reporting & Metrics

• Prepare and deliver detailed vulnerability reports, dashboards, and executive summaries for leadership visibility.

Collaboration & Coordination

• Work closely with developers, product teams, and cybersecurity stakeholders to communicate findings and drive remediation.

Customer Engagement

• Act as a primary point of contact for internal teams, providing strategic guidance and actionable recommendations.

Mentorship

• Support and mentor junior analysts in vulnerability management and testing best practices.

Continuous Improvement

• Recommend process enhancements and automation opportunities to improve vulnerability management and testing efficiency.
• Qualifications

Education

• Bachelor’s degree in computer science, Cybersecurity, or related field (or equivalent experience).

Experience

• 4+ years in application security, vulnerability management, or related cybersecurity roles.
• Hands-on experience with application penetration testing methodologies and tools.
• Proficiency with SAST and DAST tools.
• Strong understanding of secure coding practices and common vulnerabilities (OWASP Top 10).

Skills

• Familiarity with CI/CD pipelines and operating security tools.
• Excellent problem-solving, strong analytical and communication skills.
• Ability to work collaboratively across technical and business teams.
• Preferred Qualifications
• Experience with container security and cloud-native application security.
• Certifications such as OSCP, CEH, Security+.
• #LI-Hybrid
• Additional Information
• McDonald’s is committed to providing qualified individuals with reasonable accommodations to perform the essential functions of their jobs. Additionally, if you (or another applicant of whom you are aware) require assistance accessing or reading this job posting or otherwise seek assistance in the application process, please contact [email protected]
• McDonald’s provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to sex, sex stereotyping, pregnancy (including pregnancy, childbirth, and medical conditions related to pregnancy, childbirth, or breastfeeding), race, color, religion, ancestry or national origin, age, disability status, medical condition, marital status, sexual orientation, gender, gender identity, gender expression, transgender status, protected military or veteran status, citizenship status, genetic information, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
• Nothing in this job posting or description should be construed as an offer or guarantee of employment.

• McDonald's Office Location: Mexico
• Global Grade: G4