• Monitor, investigate and respond to security events, alerts and incidents across corporate, QA, staging and production environments • Execute vulnerability operations including intake, prioritization, tracking and remediation coordination in an AI-forward environment • Support IAM program through access changes, privileged access controls, access reviews and control validation • Maintain and improve security runbooks, workflows, documentation and operational procedures • Identify operational gaps and recommend practical improvements that strengthen coverage, response and alignment to best practices • Partner with IT, Engineering and business teams to address security issues across internal and customer-facing environments • Manage work in Jira, including ticket updates, prioritization, workflow discipline and backlog execution • Participate in on-call incident response as needed

• Utilizes SIEM/XDR/EDR tools (AlienVault USMA/LevelBlue, LogRhythm, Microsoft Sentinel, Splunk CrowdStrike, etc.) to monitor alerts and security events of client networks and systems. • Identifies, analyzes, and responds to security incidents as they occur. • Collaborates and leverages their cybersecurity knowledge working alongside a team of skilled analysts to address potential threats within a 24x7 SOC. • Crafts escalations to clients for potential threats that include value-added and root cause analysis with recommendations for remediation. • Continually improves cybersecurity and information security expertise. • Performs other related duties as assigned.

Role Description Duties include identifying, defining, configuring, executing and maintaining automation scripts and tools in support of the brand’s information security initiatives. The ideal candidate will have experience with common scripting languages such as Python, PowerShell, Bash, etc. The ideal candidate will be familiar with Security Orchestration Automation and Response Tools such as MSFT Sentinel, Entra ID, Defender, etc. Experience writing information security playbooks is ideal. The candidate will play a major role in our cyber threat hunt automation efforts, including the vetting of new models and procedures to identify and react to anomalous network and/or endpoint behaviors. Regular collaboration with multiple teams such as Endpoint Security and Threat & Vulnerability Management as well as Security Operations peers will be critical to success. Responsibilities - Creates automation playbooks in coordination with organization peers to reduce the number of tedious/manual tasks (freeing up time for other information security tasks). - Administration, configuration, maintenance, and support of the MSFT Sentinel environment. - Creation, evaluation, updating, and maintenance of Information Security Incident Management Playbooks. - Participates in security incident response efforts by, among other things, having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. - Investigation of Cyber Security threats. - Identifies, creates, and maintains opportunities for threat intelligence automation. Qualifications - Experience automating security functions with a scripting language such as Python, Powershell, etc. - Experience with a Security Orchestration Automation and Response tool such as MSFT Sentinel, Entra ID, Defender, etc. - Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices. - Experience with host-based and/or network-based forensics tools and techniques. - A curious mindset with attention to detail. - Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux. - Demonstrate the ability to provide written and verbal communications to management to address real-time issues and incidents, including writing formal incident reports and assisting with intelligence reports. - Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems. - At least one certification within the Information Security, Information Assurance or Cybersecurity field such as GIAC, OWASP, ISC2, or similar. - Threat Hunting Experience. - Regular Expression (regex) experience. Requirements - It is expected that you will primarily perform work remotely. You may be asked to travel, as needed, to the Wendy's Restaurant Support Center (RSC) (1 Dave Thomas Blvd, Dublin, OH 43017), or to other location(s) as designated by the Company. - Changes to work location arrangements are subject to managerial approval and business needs. Benefits - The target annual bonus for this role is 7.5% of annualized base salary, based on actual company and personal performance. - Our restaurant support roles are eligible for a wide array of benefits, including things such as parental leave, free EAP sessions, company 401k match and other great offerings. - For more details about our benefits, including an overview of eligibility and terms for certain benefits, please visit our benefits website, www.wendysbenefits.com.

• Conduct proactive threat hunting and refine detection logic for improved accuracy and context • Implement, configure, and optimize security tools, SIEM integrations, and data connections • Monitor and validate security telemetry to identify visibility gaps and improve detection coverage • Respond to escalated security incidents, performing analysis, containment, remediation, and root cause investigation • Collaborate with IT, cloud, and development teams to strengthen security controls and visibility • Create and maintain detailed incident documentation, timelines, and lessons learned • Continuously improve playbooks, automation, operational processes, and detection effectiveness • Contribute to process and capability development across the team • Assist with onboarding and troubleshooting data sources and connectors within Microsoft Sentinel