Cyber Security Engineer

Łódź, Lodzkie, PL, 90-032


Łódź, Poland


This role works with the team that defines the strategic vision, roadmap, principles and standards for McCormick’s threat intelligence and incident response capabilities. The scope of this role includes providing expertise and understanding of the threat landscape, working with different teams to mitigate risk and understand the threats that might impact our business. You will provide expert knowledge of threat intelligence processes and technologies including VM, SIEM, SOC, threat hunting, incident response, and cloud security. In this role you will track, analyze, and respond to incoming threats and respond to incidents. You will be involved in the evolution of our threat intelligence program as we build new capabilities and enhance current ones for cloud security. Central to this is building the technology, processes and capabilities to identify threats across the infrastructure, both on premises and in the cloud. To accomplish this, you will work closely with our internal security teams, managed service providers and other partners to help develop a threat intelligence program that is resilient and supportable.


This position will provide the opportunity to assist in monitoring and protecting McCormick cloud applications and infrastructure, local infrastructure, and physical locations against intrusion, hacking attempts, viruses, malware, and vulnerabilities. You would play a key role in assisting the Security teams in implementing various security initiatives.  This role will be an integral part of our Security Operations Centre (SOC) aligned with our threat intelligence and incident response teams.




This position will also be responsible for working with other Security team members to respond to incidents, participate in security investigations and forensics, and lead, consult, and participate in IT projects and initiatives.


This role reports to the Director of Cyber Security Threat Intelligence and Incident Response.




  • Assist with the development and maintenance of our security roadmap. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Leadership, where appropriate.
  • Assist with the identification of the tools, processes and controls required to effectively secure the McCormick enterprise, ensuring the confidentiality, integrity and availability of the Company’s information assets. Work with the security team to deploy and operate the threat intelligence tools and processes.
  • Assist with a variety of security applications and services such as Vulnerability Management, SIEM, Firewalls, IDS/IPS, Content Filtering, Anti-Malware, Anti-Virus, Forensic and Data Loss / Leakage tools. Escalate threats and incidents to management and develop recommendations based on incident findings.
  • Threat hunting, forensics, and incident response are included in daily responsibilities.
  • Monitor and analyze traffic and events/alerts and advise on remediation actions
  • Review and assess impact and remediation actions for incidents escalated by Tier 1
  • Investigate intrusion attempts and perform in-depth analysis of exploits by correlating various sources and determining which system or data set is affected.
  • Follow standard operating procedures for detecting, classifying, and reporting incidents
  • Demonstrate network expertise to support timely and effective decision making of when to declare an incident
  • Conduct proactive threat research
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Independently follow procedures to identify, contain, analyze, document and eradicate malicious activity
  • Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
  • Escalate information regarding intrusion events, security incidents, and other threat indications and warning information to the client
  • Track trends and configure systems as required to reduce false positives from true events.
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
  • Provide written analysis for monthly reports on an as-needed basis




  • Bachelor’s degree in Information Technology or in a relevant field.
  • 5 years' experience working in a SOC environment, incident response, threat hunting, vulnerability management and SIEM.
  • 3 years' experience working in a 24x7 global enterprise environment.
  • Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls, NIST Cybersecurity Framework, CIS Controls and OWASP Top 10.
  • Understanding of incident handling and forensics, Risk Assessment & Quantification methodologies, and familiarity with automated security monitoring systems and log correlation. Knowledge of Microsoft Windows and Unix operating systems basics.
  • Proven experience in IT systems design and development of security tools and platforms such as Azure, Rapid7, QRadar, Sentinel, Microsoft AD/Azure AD, and 365. Experience working with offensive security tools and processes.
  • Possess an enterprise-wide view of security operations with varying degrees of appreciation for strategy, processes and capabilities, enabling technologies, and governance.
  • Understand complex architecture concepts across multiple technologies within systems in a hybrid cloud architecture
  • Experience working in a team-oriented, collaborative environment.
  • Exceptional communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations.
  • Positive approach to customer service with demonstrated ability to handle high pressure support needs in a calm, respectful, and efficient manner.
  • Ability to maintain confidential and personal information



Preferred Qualifications:


A combination of the following


  • CCSK – Certificate of Cloud Security Knowledge
  • AWS Certified Solutions Architect – Associate (T59B3N3CL141QH51)
  • CEH – EC-Council Certified Ethical Hacker (ECC3072461958)
  • ITIL Foundation v4 (GR671013561MO)
  • ITIL Intermediate – IT Service Operation (GR754062762MO)
  • CCNA – Cisco Certified Network Associate (CSCO12222391)
  • CISC – Certified Information Security Consultant
  • CPFA – Certified Professional Forensics Analyst
  • RHCE – Red Hat Certified Engineer
  • Microsoft Certified: Azure Security Engineer Associate


Agencies: McCormick as needed will work with external recruitment vendors through our Agency Portal. Unless previously contacted, McCormick does not accept unsolicited resumes from external recruiting agencies.


McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, colour, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.


As users of the disability confident scheme, we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancy/ies.



United by flavor. Driven by results.

As a McCormick employee you’ll be empowered to focus on more than your individual responsibilities. You’ll have the opportunity to be part of something bigger than yourself—to have a say in where the company is going and how it’s growing.

Between our passion for flavor, our 130-year history of leadership and integrity, the competitive and comprehensive benefits we offer, and our culture, which is built on respect and opportunities for growth, there are many reasons to join us at McCormick.