empty

Cybersecurity Lead Engineer -Technology and Engineering (HYBRID)

McCormick & Company

Job Description

Posted on: 
November 25, 2024

Summary and company overview

Company Overview:

You may know McCormick as a leader in herbs, spices, seasonings, and condiments – and we’re only getting started. At McCormick, we’re always looking for new people to bring their unique flavor to our team.

McCormick employees – all 14,000 of us across the world – are what make this company a great place to work.

Position Overview:

The Cybersecurity Lead Engineer will be a member of a global team of security engineers, architects and practitioners who are enabling business growth and access to information, data, and services from anywhere with a security and risk-minded approach. The role requires a broad range of knowledge, skills, and experience in IT (Information Technology) and IT security, including network, server, endpoint, cloud, operational technology (OT), and other environments to ensure security is incorporated into all components of our environment as per our standards and aligned to our risk framework. Specific in-depth or subject matter expertise is expected in three or more technologies or capability areas.

This role will serve as both a security architect and engineer while working with lower-level engineers, analysts, and/or service providers to help support, maintain and operate security technologies and is critical to implement and configure security products and solutions to meet our requirements in an agile way, balancing risk, functionality, and speed to deliver. The role will also be responsible for working with customers, IT teams and service provider teams to review and process security requests, continuously improve service delivery for the function, upholding IT Service Management SLAs, and meeting compliance requirements.

Responsibilities

  • Contribute to the development and execution of the network security strategy and roadmap.
  • Identify opportunities for process improvements and automation within the network security domain.
  • Stay current with emerging security trends, threats, and technologies to ensure proactive defense measures.
  • Lead network security projects, coordinating with cross-functional teams to meet project goals.
  • Manage and maintain firewalls, VPN solutions, cloud security posture, and other network security technologies.
  • Provide technical expertise and guidance during the planning and execution of network security projects and ensure projects adhere to security standards and best practices.
  • Implement and enforce security policies, procedures, and controls to comply with industry standards such as NIST and ISO 27001.
  • Perform risk assessments and develop mitigation strategies to address identified vulnerabilities.
  • Develop and maintain secure baseline configurations for all security devices.
  • Design and implement network security architecture to protect McCormick’s assets and data.
  • Evaluate and recommend new security technologies and solutions to enhance the network security posture.
  • Communicate effectively with stakeholders, including management, IT teams, and external partners.
  • Provide clear and concise reports and documentation on security considerations, assessments, and projects.
  • Participate in daily network security and technology operations to ensure timely incidents and service request management.
  • Oversee the deployment, management, and optimization of network security tools and technologies.
  • Mentor and train other network security engineers and analysts.
  • Share knowledge and best practices with team members and other stakeholders.
  • Participate in continuous learning and professional development activities.
  • Participation in an on-call rotation for security incident response may be required.
  • Maintain all cyber security diagrams, inventories, and documentation, including CMDB.
  • Analyze business requirements and specifications and propose solutions that fit to standards, compliance, and operational requirements.
  • Document use cases and work with agile teams to document user stories.

Job Requirements

Required Qualifications:

  • Bachelor's degree in Information Technology, Computer Science, or relevant field.
  • Three or More of: GIAC Certified, CCSK, OCSP, CISSP, Cloud Certified (AWS, GCP Azure), CEH, ITIL, CCNS, CISC, CPFA, RHCE, Microsoft Certification, Security+, Checkpoint CCSE or other related security certification
  • 8-12 years’ experience in a cyber security role
  • Broad and in-depth knowledge of cyber security technologies
  • Strong experience with Checkpoint firewalls, Ivanti VPN (or similar), Zscaler, and cloud security technologies.
  • 8 years’ experience working in a 24x7 global enterprise environment
  • 5 years’ experience in cyber security solutions
  • Proficiency in secure baseline configuration and network security architecture design
  • Extensive experience planning and deploying both business and IT initiatives and experience with architecture and implementations of IT/OT Security solutions.
  • Proven ability to drive security processes, remediation, and standards within a complex business environment while maintaining continuity of business operations.
  • Comprehensive technical knowledge of all areas within IT plus a comprehensive understanding of all business functions and how their processes and resources interact is required.

Preferred Qualifications:

  • Must be able to multi-task and set priorities
  • Must have experience leading and working in a collaborative, multi-disciplined, globally diverse team environment.
  • Effective communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations
  • Strong consultative skills
  • Positive approach to customer service with demonstrated ability to handle high-pressure support needs in a calm, respectful, and efficient manner
  • Must be able to provide sound, convincing arguments based on qualitative data.
  • Conflict resolution skills.
  • Attention to detail and follow through.
  • Demonstrated ability to manage both technical and business relationships and liaise on the information needs of the business to IT and system constraints back to the business.
  • Ability to maintain confidential and personal information.
  • Demonstrated leader of continuous improvement ideas and implementations
  • Ability to operate in a multi-cultural and multi-lingual environment both with team members and internal customers (critical)
  • Ability to discuss technical information with non-technical individuals across multiple cultures in multiple countries. (critical)
  • English fluency (critical)

Additional commentary

  • Base Salary: $100,870 - $176,480
  • Base salary compensation will be determined based on factors such as geographic location, skills, education, experience for this role, and/or internal equity of our current employees as part of any final offer. This position is also eligible to participate in McCormick’s Incentive Bonus (MIB) Plan. In addition to a competitive compensation package, permanent employees of McCormick are eligible for our extensive Total Rewards programs that include:
  • Comprehensive health plans covering medical, vision, dental, life, and disability benefits
  • Family-friendly benefits such as paid parental leave, fertility benefits, Employee Assistance Program, and caregiver support
  • Retirement and investment programs including 401(k) and profit-sharing plans
  • McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
  • As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future.

Summary and company overview

Company Overview:

You may know McCormick as a leader in herbs, spices, seasonings, and condiments – and we’re only getting started. At McCormick, we’re always looking for new people to bring their unique flavor to our team.

McCormick employees – all 14,000 of us across the world – are what make this company a great place to work.

Position Overview:

The Cybersecurity Lead Engineer will be a member of a global team of security engineers, architects and practitioners who are enabling business growth and access to information, data, and services from anywhere with a security and risk-minded approach. The role requires a broad range of knowledge, skills, and experience in IT (Information Technology) and IT security, including network, server, endpoint, cloud, operational technology (OT), and other environments to ensure security is incorporated into all components of our environment as per our standards and aligned to our risk framework. Specific in-depth or subject matter expertise is expected in three or more technologies or capability areas.

This role will serve as both a security architect and engineer while working with lower-level engineers, analysts, and/or service providers to help support, maintain and operate security technologies and is critical to implement and configure security products and solutions to meet our requirements in an agile way, balancing risk, functionality, and speed to deliver. The role will also be responsible for working with customers, IT teams and service provider teams to review and process security requests, continuously improve service delivery for the function, upholding IT Service Management SLAs, and meeting compliance requirements.

Apply now