McCormick & Company, Incorporated
Cyber Security Engineer: Threat Intelligence and Incident Response (HYBRID)
McCormick & Company, Incorporated, California, Missouri, United States, 65018
MISSISSAUGA, ON, CA, L5S 1S7

McCormick Canada continues its long track record of growth and is a respected leader in the spice, seasoning, flavouring and specialty food industry. Our consumer products division serves retail grocery customers and emerging channels with Club House, Billy Bee and McCormick products, while our Custom Flavour Solutions division serves food service distributors and other respected food manufacturers across Canada. McCormick Canada is part of the world leader in spice and seasonings, McCormick & Company Inc.

The Power of People is one of our five pillars. It has been the foundation for McCormick's success for decades. There is something inspiring about working at McCormick. We have created an unusually dedicated workforce by fostering a culture of respect, recognition, inclusion and collaboration based on the highest ethical values. Without our employees, our success is not possible. Our commitment to our customers, our consumers and our employees is unsurpassed.

Position Overview/Primary Purpose:

This role works with the team that defines the strategic vision, roadmap, principles and standards for McCormick’s Threat Intelligence and incident response capabilities. The scope of this role includes providing expertise and understanding of the threat landscape, working with different teams to mitigate risk and understand the threats that might impact our business. Provide expert knowledge of Threat Intelligence process and technologies including VM, SIEM, SOC, threat hunting, incident response, and cloud security. In this role you will track, analyze, and respond to incoming threats and respond to incidents. You will be involved in the evolution of our threat intelligence program as we build new capabilities and enhance current ones for cloud security. Central to this is building the technology, processes and capabilities to identify threats across the infrastructure both on premises and in the cloud.
To accomplish this, you will work closely with our internal security teams, managed service providers and other partners to help develop a threat intelligence program that is resilient and supportable.

This position will provide the opportunity to assist in monitoring and protecting McCormick cloud applications and infrastructure, local infrastructure, and physical locations against intrusion, hacking attempts, viruses, malware, and vulnerabilities. You would play a key role in assisting the Security teams in implementing various security initiatives. This role will be an integral part of our Security Operations Centre (SOC) aligned with our threat intelligence and incident response teams.

This position will also be responsible for working with other Security team members to respond to incidents, participate in security investigations and forensics, and lead, consult, and participate in IT projects and initiatives.

This role reports to the Director of Cyber Security Threat Intelligence and Incident Response.

Responsibilities:

- Assist with the development and maintenance of our security roadmap. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the IT Security Leadership, where appropriate.
- Assist with the identification of the tools, processes and controls required to effectively secure the McCormick enterprise, ensuring the confidentiality, integrity and availability of the Company’s information assets. Work with the security team to deploy and operate the threat intelligence tools and processes.
- Assist with a variety of security applications and services such as Vulnerability management, SIEM, Firewalls, IDS/IPS, Content Filtering, Anti-Malware, Anti-Virus, Forensic and Data Loss / Leakage tools.
- The escalation of threats and incidents to management and the development of recommendations based on incident findings.
- Threat hunting, forensics, and incident response are included in daily responsibilities.
- Monitor and analyze traffic and events/alerts and advise on remediation actions.
- Review and assess impact and remediation actions for incidents escalated by Tier 1.
- Investigate intrusion attempts and perform in-depth analysis of exploits by correlating various sources and determining which system or data set is affected.
- Follow standard operating procedures for detecting, classifying, and reporting incidents.
- Demonstrate network expertise to support timely and effective decision-making on when to declare an incident.
- Conduct proactive threat research.
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident.
- Independently follow procedures to identify, contain, analyze, document and eradicate malicious activity.
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
- Escalate information regarding intrusion events, security incidents, and other threat indications and warning information to the client.
- Track trends and configure systems as required to reduce false positives from true events.
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
- Provide written analysis for monthly reports on an as-needed basis.

Required Qualifications:

- Bachelor’s degree in Information Technology or in a relevant field.
- 5 years' experience working in a SOC environment, incident response, threat hunting, vulnerability management and SIEM.
- 3 years' experience working in a 24x7 global enterprise environment.
- Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls, NIST Cybersecurity Framework, CIS Controls and OWASP Top 10.
- Understanding of incident handling and forensics, Risk Assessment & Quantification methodologies, and familiarity with automated security monitoring systems and log correlation. Microsoft Windows and Unix Operating Systems basics.
- Proven experience in IT systems design and development of security tools and platforms such as Azure, Rapid7, QRadar, Sentinel, Microsoft AD/Azure AD, and 365. Experience working with offensive security tools and processes.
- Possess an enterprise-wide view of security operations with varying degrees of appreciation for strategy, processes and capabilities, enabling technologies, and governance.
- Understand complex architecture concepts across multiple technologies within systems in a hybrid cloud architecture.
- Experience working in a team-oriented, collaborative environment.
- Exceptional communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations.
- Positive approach to customer service with demonstrated ability to handle high pressure support needs in a calm, respectful, and efficient manner.
- Ability to maintain confidential and personal information.

Preferred Qualifications:

- CCSK – Certificate of Cloud Security Knowledge.
- AWS Certified Solutions Architect – Associate.
- CEH – EC-Council Certified Ethical Hacker.
- ITIL Foundation v4.
- ITIL Intermediate – IT Service Operation.
- CISC – Certified Information Security Consultant.
- CPFA – Certified Professional Forensics Analyst.
- Microsoft Certified: Azure Security Engineer Associate.

Throughout the selection process, accommodations for applicants with disabilities are available upon request. Please notify H.R. if required.

WHY WORK AT MCCORMICK?
United by flavor. Driven by results.

As a McCormick employee you’ll be empowered to focus on more than your individual responsibilities. You’ll have the opportunity to be part of something bigger than yourself—to have a say in where the company is going and how it’s growing.

Between our passion for flavor, our 130-year history of leadership and integrity, the competitive and comprehensive benefits we offer, and our culture, which is built on respect and opportunities for growth, there are many reasons to join us at McCormick.