OT Vulnerability Management Lead (HYBRID)

You may know McCormick as a leader in herbs, spices, seasonings, and condiments – and we’re only getting started. At McCormick, we’re always looking for new people to bring their unique flavor to our team.

McCormick employees – all 14,000 of us across the world – are what makes this company a great place to work.

We are looking to hire an OT Vulnerability Management Lead immediately in a Hybrid (50/50) capacity at our Global Headquarters in Hunt Valley, Maryland. 

What We Bring To The Table:

The best people deserve the best rewards. In addition to the benefits you’d expect from a global leader (401k, health insurance, paid time off, etc.) we also offer:

• Competitive compensation

• Career growth opportunities

• Flexibility and Support for Diverse Life Stages and Choices

• Wellbeing programs including Physical, Mental and Financial wellness

• Tuition assistance

We are looking to hire an OT Vulnerability Management Leader to join our Cybersecurity Threat Management team. Reporting to the Director of Cybersecurity Threat Management, this role will be responsible for developing and leading McCormick’s OT Vulnerability Management program, ensuring the identification, assessment, and mitigation of vulnerabilities across operational environments. This position can be based in Hunt Valley MD.

Responsibilities

• Refine and execute a strategic OT Vulnerability Management strategy aligned with McCormick’s cyber threat management objectives and frameworks like NIST CSF and IEC 62443
• Integrate threat intelligence and apply risk-based frameworks like CVSS, CMSS, EPSS to prioritize vulnerabilities based on McCormick’s operating environment
• Oversee and improve vulnerability discovery processes across operational environments
• Collaborate with IT, Cybersecurity, and operational remediation teams to ensure timely risk reduction across McCormick environments
• Develop and track vulnerability management metrics to provide insights for technical teams and leadership
• Drive continuous improvement in OT security posture by engaging with internal teams, service providers, and industry partners

Required Qualifications

• Bachelor's degree in cybersecurity, computer science, information security, related degree, or equivalent hand-on experience gained through industry, military, or government service in OT security roles.
• GICSP, GRID, CISM, CISSP, OSCP or other relevant security professional certifications
• Minimum 8 years’ professional experience working in OT security, vulnerability management, cybersecurity or information technology
• Minimum 2 years' experience in a senior technical role or leadership role
• Proven ability to translate complex OT vulnerability topics into business risk for executive stakeholders
• Experience managing large-scale security projects and leveraging automation for vulnerability tracking and reporting
• Extensive experience with OT security principles, ICS, SCADA, PLCs, HMIs, and Industrial protocols
• Hands on experience leading vulnerability assessments, risk analysis, and remediation strategies in OT environments.
• Experience with tools like Tenable OT, Claroty, Nozomi, or Verve.
• Understanding of OT threats and malware families and related ICS adversary tactics
• Familiarity with industry regulations and security frameworks like NIST 800-82, IEC 62443, and Purdue Model architecture
• Experience with OT patching processes, compensating controls, and asset lifecycle management

McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future. 

Base Salary: $103,520 - $181,150 

Base salary compensation will be determined based on factors such as geographic location, skills, education, experience for this role, and/or internal equity of our current employees as part of any final offer. This position is also eligible to participate in McCormick’s Incentive Bonus (MIB) Plan. In addition to a competitive compensation package, permanent employees of McCormick are eligible for our extensive Total Rewards programs that include:
- Comprehensive health plans covering medical, vision, dental, life and disability benefits - Family-friendly benefits such as paid parental leave, fertility benefits, Employee Assistance Program, and caregiver support - Retirement and investment programs including 401(k) and profit-sharing plans