Incident Response Lead - Cybersecurity (HYBRID)

McCormick Canada continues its long track record of growth and is a respected leader in the spice, seasoning, flavouring and specialty food industry. Our consumer products division serves retail grocery customers and emerging channels with Club House, Billy Bee and McCormick products, while our Custom Flavour Solutions division serves food service distributors and other respected food manufacturers across Canada. McCormick Canada is part of the world leader in spice and seasonings, McCormick & Company Inc.

The Power of People is one of our five pillars. It has been the foundation for McCormick's success for decades. There is something inspiring about working at McCormick. We have created an unusually dedicated workforce by fostering a culture of respect, recognition, inclusion and collaboration based on the highest ethical values. Without our employees, our success is not possible. Our commitment to our customers, our consumers and our employees is unsurpassed.

Position Overview:

We are looking to hire a Cyber Incident Response Lead to join our Cybersecurity Threat Management team. The Cyber Incident Response Lead, reporting to the Director of Cybersecurity Threat Management, will be responsible for Incident Response processes and coordination during incidents. Additionally, this person will assist the Director of Cybersecurity Threat Management with planning and execution of strategic security projects.

Key Responsibilities:

1. Lead Incident Response activities including coordination and management of end-to-end process
2. Develop and maintain Incident Response Plans including creation, review, and updates to ensure effective response to enterprise security incidents
3. Coordinate with internal and external teams including IT, Legal, HR, Privacy, MSPs, and Vendors to ensure coordinated response to enterprise security incidents
4. Prepare detailed reports on incidents, including timelines, impact assessments, and mitigation actions taken
5. Develop and conduct incident response training sessions and tabletop exercises for the threat detection and response team and other stakeholders
6. Develop and track key performance indicators and metrics to measure the effectiveness of the incident response program
7. Assist in the planning, execution, and management of strategic cybersecurity projects, ensuring alignment with McCormick business objectives
8. Develop and maintain project schedules, track milestones, and ensure projects stay on track and within scope

Required Qualifications:

1. Bachelor's degree in computer science, information security, related degree, or measurable knowledge from serving in industry/military/government unit.
2. GCIA, GCIH, CREM, GIAC, CISSP or other relevant security professional certifications
3. Minimum 8 years’ professional experience working in cybersecurity or information technology
4. Minimum 3 years' experience in an incident response or security operations center role
5. Familiarity with incident response frameworks and methodologies, including frameworks like NIST 800-61 and MITRE ATT&CK.
6. Proven experience working with cross-functional teams within a large organization
7. Proven ability to successfully collaborate with business and technology leaders and teams
8. Experience with developing and implementing incident response plans
9. Experience with reporting and communicating incident details, improving incident response processes and recovering from security incidents

Throughout the selection process, accommodations for applicants with disabilities are available upon request. Please notify H.R. if required.