Sr. Cybersecurity Engineer

At McCormick, we bring our passion for flavor to work each day. We encourage growth, respect everyone's contributions and do what's right for our business, our people, our communities and our planet. Join us on our quest to make every meal and moment better.

Founded in Baltimore, MD in 1889 in a room and a cellar by 25-year-old Willoughby McCormick with three employees, McCormick is a global leader in flavour. With over 14,000 employees around the world and more than $6 Billion in annual sales, the Company manufactures, markets, and distributes spices, seasoning mixes, condiments and other flavourful products to the entire food industry, retail outlets, food manufactures, food service businesses and consumers.

While our global headquarters are in the Baltimore, Maryland, USA area, McCormick operates and serves customers from nearly 60 locations in 25 countries and 170 markets in Asia-Pacific, China, Europe, Middle East and Africa, and the Americas, including North, South and Central America

Position Overview

The Sr. Security Engineer will be a member of a global team of security engineers, architects and practitioners who are enabling business growth and access to information, data, and services from anywhere with a security and risk minded approach.

The role requires a broad range of knowledge, skills, and experience in IT (Information Technology) and IT security, including network, server, endpoint, cloud, operational technology (OT) and other environments to ensure security is incorporated into all components of our environment as per our standards and aligned to our risk framework.

Key Responsibilities

• Provide strategic oversight during security incidents and guide process improvements through ITSM and tooling enhancements. (10%)
• Deliver and manage large-scale security engineering initiatives across IT, OT, and cloud environments, ensuring business alignment. (20%)
• Implement and evolve security architecture practice, evaluating new solutions and frameworks to support scalable and secure design practices. (15%)
• Drive compliance integration into security engineering workflows and ensure audit readiness in partnership with legal and compliance teams. (15%)
• Support strategic planning including tooling roadmaps, upgrade cycles, resource modeling, and lifecycle alignment. (20%)
• Mentor engineers, foster knowledge sharing, and build relationships with stakeholders to align security with business objectives. (10%)
• Champion innovation through automation, orchestration, and emerging technologies that improve the effectiveness of security tools. (10%)

Additional / Secondary Responsibilities

• Provide incident response, technology and troubleshooting support when needed.
• Other duties as assigned.

Required Qualifications

Level of Education and Discipline

• Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field.

Certifications and/or Licenses

• Three or More of: GIAC Certified, CCSK, OCSP, CISSP (Certified Information Systems Security Professional), Cloud Certified (AWS (Amazon Web Services), GCP Azure), CEH, ITIL, CCNS, CISC, CPFA, RHCE, Microsoft Certification, Security+, Checkpoint CCSE or other related security certification

Experience

• 8–12 years of experience in cybersecurity engineering or architecture roles, with a strong track record of designing, implementing, and managing enterprise-scale security solutions.
• Deep technical expertise across a range of security technologies, including Microsoft environments, Check Point firewalls, VPN platforms (e.g., Ivanti or ZPA), Zscaler, and cloud-native security controls.
• Hands-on experience operating in complex, 24x7 global enterprise environments, with the ability to maintain continuity of operations while driving security standards and remediation efforts.
• Proven ability to lead security initiatives across hybrid IT/OT environments, including planning, deployment, and architecture of integrated security controls for both business and operational systems.
• Strong familiarity with industry frameworks (e.g., NIST 800-53, ISO 27001, CIS), along with practical experience managing compliance, audits, and continuous control monitoring.
• Comprehensive understanding of IT systems and business processes, with the agility to work in fast-paced, collaborative environments using modern delivery practices like Agile.

Interpersonal Skills

• Demonstrated ability to work effectively in a globally distributed, cross-functional team environment, balancing multiple priorities and driving collaboration across technical and non-technical stakeholders.
• Strong communication, presentation, and relationship-building skills, with the ability to influence, align, and engage senior leadership, partners, and team members at all levels of the organization.
• Confident and consultative approach to problem-solving, capable of articulating complex technical issues in business-relevant terms and navigating conflict with professionalism and clarity.
• Proven ability to stay calm and solution-focused under pressure, with a strong sense of accountability, attention to detail, and follow-through on commitments.
• Active participation in the broader security community and an openness to sharing knowledge, learning from peers, and staying connected to emerging trends and industry networks.

Other Skills & Competencies

• Ability to bridge the gap between business and technical teams by translating complex cybersecurity concepts into clear, actionable insights and aligning technical solutions with business needs and constraints.
• Demonstrated initiative and agility in identifying and executing cybersecurity improvements, adapting to changing priorities, and driving continuous improvement in both technical and business contexts.
• Skilled in stakeholder engagement, change management, and the ability to define, document, and communicate business, functional, and technical requirements across global teams and diverse cultures.
• Strong business and financial acumen, including experience contributing to budget planning, developing business cases for cybersecurity initiatives, and ensuring return on investment through measurable outcomes.
• Committed to maintaining confidentiality, handling sensitive information with discretion, and operating with professionalism in a global enterprise environment; fluent in English with excellent written and verbal communication skills.

Preferred Qualifications

Level of Education and Discipline

• Master’s degree in relevant field or MBA

Certifications and/or Licenses

• CISSP or three or more of the certifications from required

Dimensions

• Functional Knowledge (KN) – (High) highly technical knowledge across leading cloud providers in addition to security and risk frameworks
• Business Expertise (BE) – (Medium) understands key business drivers of cloud services (Costs, agility, etc.) and the risks
• Leadership (LS) – (Medium) informal technical leader driving accountability for risk
• Problem Solving (PS) – (High) ability to understand and simplify complex technical problems into actions and solutions while digesting business requirements into technical solutions
• Nature of Impact (NI) – (Medium) reduces overall enterprise risk of cloud services and implements cost effective, secure solution designs
• Area of Impact (AI) – (Medium) global impact across all business sectors leveraging cloud services and technology
• Interpersonal Skills (IS) – (Medium) interacts with internal and external peer technical teams, external solution providers, internal business stakeholders

At McCormick, we have over a 100-year legacy based on our “Power of People” principle. This principle fosters an unusually dedicated workforce requiring a culture of respect, recognition, inclusion and collaboration based on the highest ethical value