Manager - Security Architecture

When our square shaped burgers made their first sizzle on the scene more than 50 years ago, people knew our approach wasn't like any other. Same goes for the way we support our employees. Our culture of openness, flexibility, and inclusiveness allows everybody to flourish in their own way. If you're looking for a career where you can be part of the action as we continue to grow our iconic brand - We got you!

The Manager, Security Architecture is a key member of the Wendy's Information Security team responsible for ensuring that security requirements necessary to ensure the confidentiality, availability, and integrity of Wendy's information systems are addressed in all aspects of Wendy's Technology. This is a technical leadership role with hands-on engineering responsibilities for secure architecture design and deployment of Wendy's technology.

This role is responsible for developing security requirements for systems and integrating those requirements into a mixed cloud environment throughout the technology life cycle. Other duties include researching and exploring new security tooling to improve security posture in a continuously evolving technology landscape as well as providing strategic and tactical security guidance on new and existing projects across the brand.

The ideal candidate should have existing experience assessing, designing, and documenting archtiectural paterns for secure implementations of systems, as well as have experience leading team of security engineers tasked with ensuring confidentiality, integrity, and availability of a mixed cloud environment.

Responsibilities

• With full competence, develops/integrates security engineering requirements for systems and networks by partnering with Technology teams to ensure confidentiality, integrity, and availability of Wendy's systems.
• Ensures that acquired or developed system(s) and architecture(s) are consistent with organization's secure architecture guidelines.
• Manages the Security Architecture function, including a team of engineers responsible for maintaining/ensuring cloud platform security posture.
• Ensures that security requirements are integrated into company DevOps and GitOps operational frameworks.
• Develops, recommends, and enhances information risk management policies and standards, including controls, processes, and procedures to ensure that information is protected and available to the business in a timely fashion.
• Acts as a source of direction, training, and guidance for less experienced staff. Mentors and coaches other Technology staff to provide guidance and expertise in their growth.
• Performs other duties as assigned.

• 7+ years of experience in information security, network architecture, or similar role; 10 years of experience preferred.
• Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Offensive Security Certified Expert (OSCE), Global Information Assurance Certification (GIAC), AWS Solutions Architect, GCP Professional Cloud Architect/Engineer, or other relevant industry certifications.
• In-depth understanding of different network architectures, enterprise routing, network services, system types, network devices, development platforms / software suites, database products, and operating systems (e.g. Linux, Windows, Cisco, Juniper, Oracle, SQL Server, Active Directory, LDAP, Java, .NET, etc.).
• In-depth understanding of NIST SP800-30 R1, PTES, OWASP SAMM, OWASP Top 10 and/or other industry recognized Risk Assessment/Pen Testing/Software Assurance frameworks.
• Expert understanding of cloud-based technologies and automation tooling, including experience integrating these technologies in holistic business solutions / CI/CD pipelines.
• In-depth understanding of end-to-end software development lifecycle security using Agile, DevOps, and/or GitOps practices supporting applications/infrastructure development.
• Ability to convey complex technical security concepts to technical and non-technical audiences including executives.
• Motivation to constantly improve processes and methodologies. Strong problem-solving aptitude with ability to think clearly under pressure and in challenging/complex environments. Ability to identify and understand how systems and tools work in the absence of instructions or training.
• Knowledge of commercial and open source security tools (e.g. Wiz, Nessus, Nexpose, SAINT, Qualys, Burp, Nmap, Kali Linux, Metasploit framework, Wireshark, Kismet, Aircrack-ng, Veracode, Checkmarx, etc...).
• Understanding of common scripting languages (e.g. Python, Ruby, BASH, PowerShell, Perl, etc...).
• Strong interpersonal, written, and oral communication skills. Highly self-motivated and directed and keen attention to detail.
• Understanding of and experience with Agile methodology required; SAFe certification preferred

"Wendy's was built on the premise, "Quality is our Recipe," which remains the guidepost of the Wendy's system. Today, Wendy's and its franchisees employ hundreds of thousands of people across more than 7,000 restaurants worldwide with a vision of becoming the world's most thriving and beloved restaurant brand.

The base pay range for this position is listed below. The base pay actually offered will take into account internal equity and budget for the open position and also may vary depending on the candidate's job-related knowledge, skills, and experience, among other relevant factors. This range does not include an estimated value for any benefits, bonus, or other incentives that may be applicable based on position. * The target annual bonus for this role is 20% of annualized base salary, based on actual company and personal performance.

Our square burgers make us different and so do our benefits! Our restaurant support roles are eligible for a wide array of benefits, including things such as parental leave, free EAP sessions, company 401k match and other great offerings. For more details about our benefits, including an overview of eligibility and terms for certain benefits, please visit our benefits website,www.wendysbenefits.com.*

*NOTE: Wendy's benefits, bonus, and other incentives are governed by the applicable legal plans and policies and, where appropriate, may be subject to Board approval an individual award agreement terms. Those documents supersede all other information regarding Wendy's benefits, bonus, and other incentives. Wendy's retains the right to amend or terminate its plans and policies at its sole discretion, in accordance with applicable plans, policies and laws."

#LI-Remote

Pay Range: $114,000 - $200,000 Annually