McDonald's

Sr Manager, Offensive Security

Chicago, IL
Posted 2 days ago

Job Description

Department Overview

As Senior Manager, Offensive Security, you will lead a global team of penetration testers and red team operators responsible for proactively identifying, validating, and communicating real-world security risks across McDonald's enterprise. Reporting directly to the Director, Threat Operations & Offensive Security, you are the primary people leader on the offensive security side of the organization — managing all individual contributors across the United States and United Kingdom. 

This role is both strategic and deeply technical. You will own the day-to-day operations of offensive security services while simultaneously bridging the gap between highly technical hackers and senior executive leadership. You will be responsible for assessment planning and scheduling, stakeholder and customer relationship management, operational delivery, and communicating risk-based outcomes to audiences ranging from engineering teams to the CIO and CISO. 

You will partner closely with Incident Response, Detection Engineering, Security Operations (GSOC), Threat Operations, and Technology Risk partners to execute Purple Team exercises and cross-domain engagements that continuously strengthen McDonald's detection and response capabilities. This role sits within Global Cyber Security (GCS), the organization responsible for securing McDonald's information assets at a global level and ensuring our leadership makes informed, risk-based decisions. 

Responsibilities

Operational Leadership & Service Delivery 

  • Own day-to-day operations of McDonald's Offensive Security program, including intake management, assessment scheduling, scoping, rules of engagement, execution oversight, and reporting 
  • Manage complex, concurrent testing engagements across cloud, network, infrastructure, hardware, application, mobile, and SaaS environments 
  • Serve as the primary customer-facing point of contact for internal stakeholders

Red Team & Adversary Emulation 

  • Plan and execute Red Team operations, adversary simulations, and adversary emulation exercises informed by real-world threat intelligence and the MITRE ATT&CK framework 
  • Design and lead custom Cyber Defense Exercises (CDX), tabletop simulations, social engineering campaigns, and physical security assessments 

Executive Communication & Metrics 

  • Translate complex technical findings into actionable, risk-ranked business impact assessments for executive leadership, including CIO and CISO audiences 
  • Develop, measure, and track metrics and KPIs to assess the performance, effectiveness, and business value of offensive security operations 
  • Produce high-quality technical reports, executive summaries, findings documentation, and remediation recommendations 

People Leadership & Team Development 

  • Serve as the people leader for all offensive security individual contributors (penetration testers, red team operators, offensive security analysts) across the US and UK 
  • Provide hands-on technical guidance and mentorship — able to work side-by-side with the team on complex assessments while coaching junior and senior analysts alike 

Strategy & Program Development 

  • Support the Director in defining and executing the offensive security strategy, roadmap, and program objectives aligned to enterprise risk priorities 
  • Collaborate cross-functionally with different teams to ensure offensive findings feed into unified remediation pipelines 

Qualifications

  • 8+ years of experience in offensive security, penetration testing, red teaming, or ethical hacking 
  • 4+ years of direct people leadership experience managing technical cybersecurity teams 
  • 3+ years of experience managing complex, global projects and initiatives across multiple regions 
  • Expert-level understanding of adversarial tactics, techniques, and procedures (TTPs), the cyber kill chain, and MITRE ATT&CK framework 
  • Extensive hands-on experience across multiple testing disciplines: application, cloud, network, infrastructure, hardware, and mobile penetration testing 
  • Demonstrated ability to lead teams through all stages of a cyber-attack lifecycle (reconnaissance, scanning, enumeration, gaining access, privilege escalation, maintaining access, network exploitation, and covering tracks) 
  • Qualified to mentor analysts in examining system and application security threats and vulnerabilities (e.g., buffer overflow, cross-site scripting, SQL injection, race conditions, return-oriented attacks, malicious code) 
  • Proven ability to operate with minimal oversight, make quick and effective decisions, and navigate ambiguity in fast-paced, deadline-driven environments 
  • Mastery of commercial and open-source offensive security tools and frameworks 

Desired Skills 

  • Professional certifications such as OSCP, OSCE3, GXPN, GCPN, GCDA, GPEN, GWAPT, CRTO, CEH, or equivalent 
  • Expert understanding of cloud security architectures (Azure, AWS, GCP) and modern application/API security testing 
  • Experience with C2 frameworks (e.g., Cobalt Strike, Mythic, Sliver), BAS platforms (e.g., SafeBreach), and EASM tools 
  • Experience managing vulnerability disclosure programs (VDP), bug bounty programs, or coordinated disclosure processes 
  • Strong understanding of SIEM/SOAR platforms, detection engineering workflows, and how offensive findings integrate with defensive operations 
  • Experience managing MSSP relationships, vendor SOWs, and hybrid delivery models for offensive security services 

Compensation

Bonus Eligible: YES

Long-Term Incentive: YES

Benefits Eligible: YES

Salary Range

The expected salary range for this role is $167,366.00 - $209,207.00 per year

The above represents the expected salary range for this job requisition. Ultimately, in determining your pay, we may also consider your experience, and other job-related factors.

10001+ employees
Chicago, Illinois, US