Cybersecurity GRC Analyst II (HYBRID)

You may know McCormick as a leader in herbs, spices, seasonings, and condiments - and were only getting started. At McCormick, were always looking for new people to bring their unique flavor to our team. McCormick employees - all 14,000 of us across the world - are what makes this company a great place to work.

We are looking to hire an Cybersecurity GRC Analyst II immediately in a Hybrid (50/50) capacity at our Global Headquarters in Hunt Valley, Maryland.

What We Bring To The Table: The best people deserve the best rewards. In addition to the benefits youd expect from a global leader (401k, health insurance, paid time off, etc.) we also offer:

• Competitive compensation
• Career growth opportunities
• Flexibility and Support for Diverse Life Stages and Choices
• Wellbeing programs

Position Overview The Cybersecurity GRC Analyst is a key member of the Cybersecurity Governance, Risk, and Compliance team and will report to the Senior Manager, Cybersecurity Governance, Risk & Compliance. This position will be responsible for coordinating Sarbanes Oxley compliance activities for McCormicks systems across the organization as well as supporting the execution of and response to IT audits.

The ideal candidate has a strong work ethic along with strong organizational, project management, and problem-solving skills. Additional key qualities include the ability to work with others to drive results. This position requires excellent verbal and written communication skills spanning across all levels of management. Candidates must thrive in a demanding, fast-paced work environment that is energetic, driven, and team-oriented.

This role will also work with SMEs across the organization to mature/design security controls & mitigate risk.

Key Responsibilities

• Assist in coordinating Global IT SOX process across all regions and segments including on-going evaluation of proposed changes to McCormicks internal controls over financial reporting including IT general controls as well as application controls.
• Annual SOX scoping to determine the "coverage" of tested IT SOX controls.
• Coordination of quarterly SOX controls testing and certifications.
• Coordination of remediation activities (as required).
• Developing training materials and providing training to McCormick IT team members with respect to SOX controls and performance.
• Coordinating with McCormicks external auditors with respect to their SOX audit procedures.
• Monitor the performance of the key McCormick compliance program components and related activities on a continuing basis and reporting to management as appropriate.
• Support McCormick IT transformational projects, internal IT projects, and ad hoc internal control requests from partners across the Globe.
• Understand Internal Audit processes related to planning, testing, and reporting for both SOX and Audit projects.
• Perform testing activities related to SOX compliance, key audit objectives, data analytics, etc.
• Report against in progress corrective action plans for resolution of problematic issues and provide management with summary information on the status of the portfolio of corrective action plan.
• Discuss audit and control issues with management; support efforts in formulating recommendations for process improvements during financial & operational audits and control gap remediation identified during SOX testing.
• Ability to execute a detailed audit plan and identify risk areas, develop action plans, and monitor completion.
• Draft clear, concise audit reports that communicate key insights and observations to functional/business personnel and executive leadership.
• Demonstrate effective teaming skills with the ability to work independently as needed; leading initiation, execution, and completion to finalization and reporting for key work tasks.

Required Qualifications

• Bachelors degree in Information Technology, Information Systems, Risk Management, Accounting or similar.
• 5-8 years of experience related to internal/external audit, information technology, or internal controls.
• Internal/External Audit, Sarbanes-Oxley, or other internal control (IT or operational) project experiences.
• CISSP, CISM, CRISC, or CISA preferred but not required.

#LI-NP2

McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future.

Base Salary: $74,330-$130,080 Base salary compensation will be determined based on factors such as geographic location, skills, education, experience for this role, and/or internal equity of our current employees as part of any final offer.

This position is also eligible to participate in McCormicks Incentive Bonus (MIB) Plan.

In addition to a competitive compensation package, permanent employees of McCormick are eligible for our extensive Total Rewards programs that include:

• Comprehensive health plans covering medical, vision, dental, life and disability benefits
• Family-friendly benefits such as paid parental leave, fertility benefits, Employee Assistance Program, and caregiver support
• Retirement and investment programs including 401(k) and profit-sharing plans