Position Details

Salary $152K – $190K USD / year

Type Full-Time

Experience lead

Exp. Years 6+ years

Education Bachelor's degree in Engineering, Computer Science, Information Technology, or related field

Category QA & Testing

About this role

Sr Manager, Penetration Testing leads penetration testing and security assessment activities across McDonald's technology and digital landscape, overseeing SOX IT controls, privacy and governance considerations, and a team of security professionals.

Key Responsibilities

Conduct Penetration testing (50-75%)
Lead Security & Privacy portion of audit plan
Lead technology assessments (pentest, red teaming, privacy, data governance)
Manage Security & Digital Audit team
Support SOX IT controls testing

Technical Overview

Hands-on and leadership role covering security operations, DevOps/Agile practices, privacy compliance, data governance, and offensive security tooling (Nmap, Wireshark, BloodHound, Impacket).

Ideal Candidate

The ideal candidate is a senior security leader with 6+ years delivering penetration testing and security assessments, capable of leading the Security & Privacy Audit function. They should command strong knowledge of regulatory standards (GDPR, CCPA, CPRA, SOX) and excel at coordinating cross-functional teams and offshore partners.

Must-Have Skills

Bachelor's degree in EngineeringComputer ScienceInformation Technologyor related field; master's degree preferred6+ years of related work experienceExperience delivering and leading penetration testing activitiesred teamingmobile and web application assessmentstechnical assessmentsinformation technology auditsSOX IT controls testingHands-on experience with NmapWiresharkBloodHound and ImpacketProgramming/scriptingdata analyticsand other technical solution designExperience in managing teams and communicating with partnersFamiliarity with NISTCOBITITILPCIISOSOXGDPRCCPACPRAStrong knowledge across IT processes including security operationsprogram managementsecurity administrationsystem operationschange managementDevOps/Agiledata governanceprivacyincident/problem managementWilling to travel up to 10%Professional credentials preferred (CISSPOSCPCRTOCIPTCDPSECISA)

Nice-to-Have Skills

CISSPOSCPCRTOCIPTCDPSECISA

Tools & Platforms

NmapWiresharkBloodHoundImpacket

Hard Skills

Penetration TestingRed TeamingSecurity AssessmentsSOX IT Controls TestingNISTCOBITITILPCIISOSOXGDPRCCPACPRANmapWiresharkBloodHoundImpacketProgrammingScriptingData AnalyticsDevOpsAgileSecurity & Privacy Governance

Soft Skills

LeadershipCommunicationCoachingStakeholder managementCollaborationStrategic thinking

Certifications

Preferred

CISSPOSCPCRTOCIPTCDPSECISA

Industry & Role

Industry Insurance

Job Function Lead penetration testing and security audit activities for technology and digital domains

Role Subtype Penetration Tester

Tech Domains Nmap, Wireshark, BloodHound, Impacket, Information Security, Security Operations, DevOps, Agile, Security & Privacy Governance

Keywords for Your Resume

penetration testingred teamingsecurity assessmentsSOX IT controls testingNISTCOBITITILPCIISOSOXGDPRCCPACPRANmapWiresharkBloodHoundImpacketPythonPowerShellDevOpsAgileinformation securityprivacydata governanceauditsCISSP

Deal Breakers

Bachelor's degree in Engineering, CS, IT or related field, 6+ years of related work experience, Willing to travel up to 10%

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile