You may know McCormick as a leader in herbs, spices, seasonings, and condiments – and we’re only getting started. At McCormick, we’re always looking for new people to bring their unique flavor to our team.
McCormick employees – all 14,000 of us across the world – are what makes this company a great place to
work.
We are looking to hire an Sr. OT Cybersecurity Engineer immediately in a Hybrid (50/50) capacity at our Global Headquarters in Hunt Valley, Maryland.
What We Bring To The Table:
The best people deserve the best rewards. In addition to the benefits you’d expect from a global leader (401k, health insurance, paid time off, etc.) we also offer:
• Competitive compensation
• Career growth opportunities
• Flexibility and Support for Diverse Life Stages and Choices
• Wellbeing programs including Physical, Mental and Financial wellness
• Tuition assistance
Position Overview:
The Senior OT Security Engineer acts as a technical leader for securing operational technology (OT) environments across McCormick’s plants, manufacturing, and production systems. This role combines deep hands-on OT security expertise with strategic oversight, ensuring that industrial cybersecurity controls, architectures, and processes meet evolving threats, compliance requirements, and business objectives.
In addition to implementing and managing OT security tools and segmentation strategies, the Senior OT Security Engineer will lead complex incident investigations, guide architecture decisions, mentor junior engineers, and collaborate with global operations, engineering, and IT teams to integrate security into all layers of the OT environment in alignment with industrial standards such as ISA/IEC 62443 and NIST SP 800-82.
This potion offers the opportunity to influence security strategy, lead large scale technical initiatives, and play a key role in enhancing the organization’s overall security resilience in a dynamic and collaborative environment.
Key Responsibilities:
Description
-Lead the implementation, management, and optimization of OT security tools and technologies (e.g., firewalls, secure remote access, asset discovery, endpoint protection) across industrial networks.
-Design and enforce robust network segmentation strategies, ensuring secure, controlled connectivity between IT and OT environments.
-Serve as the escalation point for complex OT security incidents, providing root cause analysis, remediation guidance, and lessons learned.
-Conduct and oversee firewall rule reviews, configuration optimization, and access control clean-ups to enforce the least privilege and reduce risk.
-Maintain and update OT security baselines and hardening standards based on emerging threats, industry intelligence, and compliance requirements.
-Ensure OT security controls meet industry standards (ISA/IEC 62443, NIST SP 800-82), internal policies, and audit readiness, supported by accurate documentation (SOPs, architecture diagrams, firewall records, change logs).
-Drive continuous improvement in OT security architecture, tools, and processes, aligning initiatives with the organization’s cybersecurity roadmap.
-Collaborate with operations, plant engineering, IT, and corporate security to align security measures with production needs and business priorities.
-Translate OT-specific risks and vulnerabilities into actionable recommendations for both technical and non-technical stakeholders.
-Mentor and guide OT security engineers and analysts, fostering skill development and sharing knowledge across the team.
-Evaluate and recommend emerging OT security solutions that enhance industrial cybersecurity posture.
-Represent OT security in governance forums, change management processes, and enterprise-wide security initiatives to ensure integration with broader security strategies.
Qualifications:
-Bachelor’s degree in information technology, Computer Science or relevant field.
-Three or More of: GIAC Certified, CCSK, OCSP, CISSP (Certified Information Systems Security Professional), Cloud Certified (AWS (Amazon Web Services), GCP Azure), CEH, ITIL, CCNS, CISC, CPFA, RHCE, Microsoft Certification, Security+, Checkpoint CCSE or other related security certification
-8-12 years’ experience in a cyber security engineer or architecture role
-Broad and in-depth knowledge of cyber security technologies
-Strong hands-on experience with firewalls (CheckPoint, Palo Alto, Fortinet) in OT settings, with emphasis on secure network segmentation.
-Expertise in OT asset discovery and vulnerability identification solutions.
-Familiarity with OT-specific protocols such as Modbus, DNP3, BACnet, and their security considerations.
-Strong understanding of OT security frameworks and standards (ISA/IEC 62443, NIST SP 800-82, etc.).
-Proven ability to harden industrial control systems, secure communications, and maintain system integrity.
-Comprehensive technical knowledge of all areas within IT plus a comprehensive understanding of all business functions and how their processes and resources interact is required.
Other skills and competencies:
-Must be able to multi-task and set priorities
-Must have experience leading and working in a collaborative, multi-disciplined, globally diverse team environment.
-Effective communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations
-Strong consultative skills
-Positive approach to customer service with demonstrated ability to handle high pressure support needs in a calm, respectful, and efficient manner
-Must be able to provide sound, convincing arguments based on qualitative data.
-Conflict resolution skills.
-Attention to detail and follow through.
-Demonstrated ability to manage both technical and business relationships and liaise on the information needs of the business to IT and system constraints back to the business.
-Ability to maintain confidential and personal information.
-Demonstrated leader of continuous improvement ideas and implementations
-Ability to operate a multi-cultural and multi-lingual environment both with team members and internal customers (critical)
-Ability to discuss technical information with non-technical individuals across multiple cultures in multiple countries. (critical)
-English fluency (critical)
#LI-NP2
McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.
As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future.
Base Salary: $103,520 - $181,150
Base salary compensation will be determined based on factors such as geographic location, skills, education, experience for this role, and/or internal equity of our current employees as part of any final offer. This position is also eligible to participate in McCormick’s Incentive Bonus (MIB) Plan. In addition to a competitive compensation package, permanent employees of McCormick are eligible for our extensive Total Rewards programs that include:
- Comprehensive health plans covering medical, vision, dental, life and disability benefits - Family-friendly benefits such as paid parental leave, fertility benefits, Employee Assistance Program, and caregiver support - Retirement and investment programs including 401(k) and profit-sharing plans
