About this role
Sr Manager, Penetration Testing leads penetration testing and security assessment activities across McDonald's technology and digital landscape, overseeing SOX IT controls, privacy and governance considerations, and a team of security professionals.
Key Responsibilities
- Conduct Penetration testing (50-75%)
- Lead Security & Privacy portion of audit plan
- Lead technology assessments (pentest, red teaming, privacy, data governance)
- Manage Security & Digital Audit team
- Support SOX IT controls testing
Technical Overview
Hands-on and leadership role covering security operations, DevOps/Agile practices, privacy compliance, data governance, and offensive security tooling (Nmap, Wireshark, BloodHound, Impacket).
Ideal Candidate
The ideal candidate is an experienced security leader with 6+ years in penetration testing and security assessments, capable of managing the department's strategy and partners. They should have deep knowledge of regulatory standards (GDPR, CCPA, CPRA, SOX) and strong leadership and communication skills to drive risk reduction.
Must-Have Skills
Bachelor's degree in EngineeringComputer ScienceInformation Technologyor related field; master's degree preferred6+ years of related work experienceExperience delivering and leading penetration testing activitiesred teamingmobile and web application assessmentstechnical assessmentsinformation technology auditsfinancial compliance (Sarbanes-Oxley) auditsprogram and system implementation reviewsand advisory projectsHands-on experience with enterprise-grade tools such as NmapWiresharkBloodHound and ImpacketExperience in programmingscriptingdata analyticsand other technical solution design and developmentExperience in managing teamsdelivering high-quality audit work productsand communicating effectively with various partnersFamiliarity with control frameworks such as NISTCOBITITILPCIISOSOXand global data privacy laws (GDPRCCPACPRA)Strong knowledge across IT processes including security operationsprogram managementsecurity administrationsystem operationschange managementmodern development (DevOpsAgile)data governanceprivacyand incident/problem managementWilling to travel up to 10%
Nice-to-Have Skills
Professional credentials preferred (CISSPOSCPCRTOCISSPCEHCIPTCDPSECISAor comparable)
Tools & Platforms
NmapWiresharkBloodHoundImpacket
Hard Skills
Software engineeringQuality EngineeringTest AutomationCloud-native platformsAWSGoogle Cloud PlatformcontainerizedmicroservicesAPI testingcontract testingPlaywrightCypressSeleniumJUnitTestNGNUnitPyTestREST AssuredPostmanNewmanCI/CDAgileSDET
Soft Skills
AnalyticalProblem solvingCommunicationCoachingCollaboration
Certifications
Preferred
CISSPOSCPCRTOCISSPCEHCIPTCDPSECISA
Keywords for Your Resume
penetration testingred teamingrisk assessmentSOX IT controls testingcybersecuritysecurity operationsinformation securityprivacydata governancesecurity auditsNISTCOBITITILPCIISOSOXGDPRCCPACPRANmapWiresharkBloodHoundImpacketPythonPowerShellDevOpsAgileSDETsecurity assessmentsCISSP
Deal Breakers
Bachelor's degree in Engineering, CS, IT or related field, 6+ years of related work experience, Willing to travel up to 10%
Get matched to jobs like this
Luna finds roles that fit your skills and career goals — no endless scrolling required.
Create a Free Profile