McCormick & Company, Inc., a global leader in the spice, flavor, and seasonings industry, is seeking a full-time Cyber Security Engineer for Threat Intelligence and Incident Response. This position will be located in Hunt Valley, MD. This position will report to the Director, Cyber Security Threat Intelligence and Incident Response.
McCormick & Company, Incorporated is a global leader in flavor with approximately 13,000 employees worldwide. As a Fortune 500 company with over $5 billion in annual sales across 160 countries and territories, we manufacture, market, and distribute spices, seasoning mixes, condiments, and other flavorful products to the entire food industry, including e-commerce, retail, food manufacturers, and foodservice businesses. Our most popular brands include McCormick, French's, Frank's RedHot, Stubb's, OLD BAY, Lawry's, Zatarain's, Ducros, Vahiné, Cholula, Schwartz, Kamis, DaQiao, Club House, Aeroplane, and Gourmet Garden. Every day, no matter where or what you eat or drink, you can enjoy food flavored by McCormick. Our Purpose is To Stand Together for the Future of Flavor, and our Vision is A World United by Flavor, where healthy, sustainable, and delicious go hand in hand.
As a company recognized for its exceptional commitment to employees, McCormick offers a wide variety of benefits, programs, and services. Benefits include, but are not limited to, tuition assistance, medical, dental, vision, disability, group life insurance, 401(k), profit sharing, paid holidays, and vacations.
Position Overview/Primary Purpose:
This role works with the team that defines the strategic vision, roadmap, principles, and standards for McCormick's threat intelligence and incident response capabilities. The scope of this role includes providing expertise and understanding of the threat landscape, working with different teams to mitigate risk, and understanding the threats that might impact our business. Provide expert knowledge of threat intelligence processes and technologies, including VM, SIEM, SOC, threat hunting, incident response, and cloud security. In this role you will track, analyze, and respond to incoming threats and respond to incidents. You will be involved in the evolution of our threat intelligence program as we build new capabilities and enhance current ones for cloud security. Central to this is building the technology, processes, and capabilities to identify threats across the infrastructure, both on premise and in the cloud. To accomplish this, you will work closely with our internal security teams, managed service providers, and other partners to help develop a threat intelligence program that is resilient and supportable.
This position will provide the opportunity to assist in monitoring and protecting McCormick cloud applications and infrastructure, local infrastructure, and physical locations against intrusion, hacking attempts, viruses, malware, and vulnerabilities. You would play a key role in assisting the Security teams in implementing various security initiatives. This role will be an integral part of our Security Operations Centre (SOC), aligned with our threat intelligence and incident response teams.
This position will also be responsible for working with other Security team members to respond to incidents, participate in security investigations and forensics, and lead, consult, and participate in IT projects and initiatives.
This role reports to the Director of Cyber Security Threat Intelligence and Incident Response.
Responsibilities:
- Assist with the development and maintenance of our security roadmap. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Leadership where appropriate.
- Assist with the identification of the tools, processes, and controls required to effectively secure the McCormick enterprise, ensuring the confidentiality, integrity, and availability of the Company's information assets. Work with the security team to deploy and operate the threat intelligence tools and processes.
- Assist with a variety of security applications and services such as vulnerability management, SIEM, firewalls, IDS/IPS, content filtering, anti-malware, anti-virus, forensic, and data loss/leakage tools. The escalation of threats and incidents to management and the development of recommendations based on incident findings.
- Threat hunting, forensics, and incident response are included in daily responsibilities.
- Monitor and analyze traffic and events/alerts and advise on remediation actions
- Review and assess impact and remediation actions for incidents escalated by Tier 1
- Investigate intrusion attempts and perform in-depth analysis of exploits by correlating various sources and determining which system or data set is affected.
- Follow standard operating procedures for detecting, classifying, and reporting incidents
- Demonstrate network expertise to support timely and effective decision making of when to declare an incident
- Conduct proactive threat research
- Analyze a variety of network and host-based security appliance logs (firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
- Independently follow procedures to identify, contain, analyze, document, and eradicate malicious activity
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Escalate information regarding intrusion events, security incidents, and other threat indications and warning information to the client
- Track trends and configure systems as required to reduce false positives from true events.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions
- Provide written analysis for monthly reports on an as-needed basis
Required Qualifications:
- Bachelor's degree in Information Technology or in a relevant field.
- 5 years' experience working in a SOC environment, incident response, threat hunting, vulnerability management, and SIEM.
- 3 years' experience working in a 24x7 global enterprise environment.
- Understanding of security principles, techniques, and technologies such as SANS Top 20 Critical Security Controls, NIST Cybersecurity Framework, CIS Controls, and OWASP Top 10.
- Understanding of incident handling and forensics, Risk Assessment & Quantification methodologies, and familiarity with automated security monitoring systems and log correlation. Microsoft Windows and Unix operating systems basics.
- Proven experience in IT systems design and development of security tools and platforms such as Azure, Rapid7, QRadar, Sentinel, Microsoft AD/Azure AD, and 365. Experience working with offensive security tools and processes.
- Possess an enterprise-wide view of security operations with varying degrees of appreciation for strategy, processes and capabilities, enabling technologies, and governance.
- Understand complex architecture concepts across multiple technologies within systems in a hybrid cloud architecture
- Experience working in a team-oriented, collaborative environment.
- Exceptional communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations.
- Positive approach to customer service with demonstrated ability to handle high-pressure support needs in a calm, respectful, and efficient manner.
- Ability to maintain confidential and personal information
Preferred Qualifications:
A combination of the following
- CCSK Certificate of Cloud Security Knowledge
- AWS Certified Solutions Architect Associate
- CEH EC Council Certified Ethical Hacker (ECC
- ITIL Foundation v4 (GRMO)
- ITIL Intermediate IT Service Operation (GRMO)
- CCNA Cisco Certified Network Associate (CSCO
- CISC Certified Information Security Consultant
- CPFA Certified Professional Forensics Analyst
- RHCE Red Hat Certified Engineer
- Microsoft Certified: Azure Security Engineer Associate
McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future.