Specialist, Governance, Risk & Compliance

McDonald's Corporation•Chicago, IL

4d•$84,051 - $105,064

About The Position

McDonald’s is proud to be one of the most recognized brands in the world, with restaurants in over 100 countries that serve 70 million customers daily. We continue to operate from a position of strength. Our updated growth strategy is focused on staying ahead of what our customers want and realizing further growth potential. Our relentless ambition is why McDonald’s remains one of the world’s leading corporations after almost 70 years. Joining McDonald's means thinking big and preparing for a career that can have influence around the world. At McDonald’s, we see every day as a chance to create positive impact. We lead through our values centered on inclusivity, service, integrity, community and family. From support of Ronald McDonald House Charities to our Youth Opportunity project and sustainability initiatives, our values keep us dedicated to using our scale for good: good for our customers, people, industry and planet. We also offer a broad range of outstanding benefits including a sabbatical program, tuition assistance and flexible work arrangements. Department OverviewWe are moving fast and are adding to our best-in-class team and joining McDonald's means thinking big every day and preparing for a career that will have a global impact. We are customer-obsessed, committed to being leaders in our industry, and believe we are better when we work together. Over the last several years, we have launched home delivery, radically improved the digital experiences of our restaurants, introduced mobile pay, and have so much more to come. These critical initiatives require strong leadership to ensure resilient security posture and compliance with policies, standards, regulatory requirements, and best practices. McDonald’s is investing heavily in technology to drive our growth. We’re looking at how to use technology to improve the customer journey and build new customer experiences. We’re also exploring technologies that can help us reduce or eliminate repetitive tasks and make employees’ jobs more exciting and rewarding. With all the new projects and initiatives, it is an exciting time to be on the cybersecurity team, helping to make a safer and better McDonald's!

Requirements

Bachelor’s Degree in Risk Management, GRC, Internal Audit, Third-Party Risk Management, Compliance, Cybersecurity, or related fields.
1 - 3 years of experience in Information/Technology Risk Management, Supply Chain Risk Management, Third-Party Risk Management, and/or Global Regulatory Compliance.
Strong written and verbal communication skills. Proficiency in technical writing and creative communication for diverse audiences.
Ability to build and maintain professional relationships across diverse teams.
Detail-oriented with excellent project management, report writing, and presentation skills.
Skilled at translating technical concepts for business stakeholders.
Passion for process improvement and continuous enhancement.
Familiarity with multinational organizations and distributed business models.
Understanding of compliance, risk, and control frameworks (e.g., NIST, PCI, ISO, COBIT, CIS).
Experience with GRC platforms (e.g., ServiceNow, OneTrust, RSA Archer).
Ability to prioritize effectively and make sound decisions based on business needs.

Nice To Haves

Professional certifications (or willingness to obtain): Security+, CIA, CISA, CISM, CRISC, CISSP, PMP.

Responsibilities

Maintain a deep understanding of industry risk trends and McDonald’s business strategies to identify security risks and concerns.
Conduct comprehensive third-party security risk assessments to uncover potential vulnerabilities.
Communicate and prioritize security risks across the organization; validate remediation efforts and timelines.
Partner with stakeholders to implement security controls and risk mitigation strategies aligned with McDonald’s policies and standards.
Manage intake and prioritization of new risk assessments across the enterprise.
Map and report risks against industry frameworks (e.g., NIST, ISO) to highlight opportunities for improvement.
Develop metrics, identify trends, and drive visibility into the business value of risk management activities.
Advise global technology and business leaders on security best practices, risk analysis, and mitigation strategies.
Create and maintain process documentation, including workflows, process maps, and controls.

Benefits

This position offers health and welfare benefits, a 401(k) plan, adoption assistance program, educational assistance program, flexible ways of working, and time off policies (including sick leave, parental leave, and vacation/PTO).
Bonus eligible: This position is eligible for a bonus, calculated based on individual and company performance.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume