Cybersecurity Lead Engineer -Technology and Engineering (HYBRID)

McCormick & Company, Inc., a world leader in the spice, flavor and seasonings industry, is seeking a full time Cybersecurity Lead Engineer – Technology and Engineering. This position will report to the Sr. Manager Cybersecurity - Technology and Engineering.

Position Overview:

The Cybersecurity Lead Engineer will be a member of a global team of security engineers, architects and practitioners who are enabling business growth and access to information, data, and services from anywhere with a security and risk minded approach. The role requires a broad range of knowledge, skills, and experience in IT (Information Technology) and IT security, including network, server, endpoint, cloud, operational technology (OT) and other environments to ensure security is incorporated into all components of our environment as per our standards and aligned to our risk framework. Specific in depth or subject matter expertise is expected in three or more technologies or capability areas.

This role will serve as both a security architect and engineer while working with lower-level engineers, analysts, and/or service providers to help support, maintain and operate security technologies and is critical to implement and configure security products and solutions to meet our requirements in an agile way, balancing risk, functionality and speed to deliver. The role will also be responsible for working with customers, IT teams and service provider teams to review and process security requests, continuously improve service delivery for the function, upholding IT Service Management SLAs and meeting compliance requirements.

• Contribute to the development and execution of the security and engineering practice strategy and roadmap.
• Identify opportunities for process improvements and automation within the network security domain.
• Stay current with emerging security trends, threats, and technologies to ensure proactive defense measures.
• Lead the security projects, coordinating with cross-functional teams to meet project goals.
• Manage and maintain firewalls, VPN (Virtual Private Networks) solutions, cloud security posture, and other security technologies.
• Provide technical expertise and guidance during the planning and execution of network security projects and ensure projects adhere to security standards and best practices.
• Implement and enforce security policies, procedures, and controls to comply with industry standards such as NIST and ISO 27001.
• Perform risk assessments and develop mitigation strategies to address identified vulnerabilities.
• Develop and maintain secure baseline configurations for all security devices.
• Design and implement network security architecture to protect McCormick’s assets and data.
• Evaluate and recommend new security technologies and solutions to enhance the network security posture.
• Communicate effectively with stakeholders, including management, IT teams, and external partners.
• Provide clear and concise reports and documentation on security considerations, assessments, and projects.
• Participate in daily network security and technology operations to ensure timely incidents and service request management.
• Oversee the deployment, management, and optimization of network security tools and technologies.
• Mentor and train other network security engineers and analysts. Share knowledge and best practices with team members and other stakeholders.
• Participate in continuous learning and professional development activities.
• Participation in an on-call rotation for security incident response may be required
• Maintain all cyber security diagrams, inventories, and documentation, including CMDB.
• Analyze business requirements and specifications and propose solutions that fit standards, compliance, and operational requirements.
• Documents use cases and work with agile teams to document user stories.