McCormick & Company, Inc., a global leader in the spice, flavor, and seasonings industry, is seeking a full-time IAM Engineer II. This position will report to the IT Security IAM Manager. 

McCormick & Company, Incorporated is a global leader in flavor with approximately 13,000 employees worldwide. As a Fortune 500 company with over $5 billion in annual sales across 160 countries and territories, we manufacture, market, and distribute spices, seasoning mixes, condiments, and other flavorful products to the entire food industry including e-commerce, retail, food manufacturers and foodservice businesses. Our most popular brands include McCormick, French's, Frank's RedHot, Stubb's, OLD BAY, Lawry's, Zatarain's, Ducros, Vahiné, Cholula, Schwartz, Kamis, DaQiao, Club House, Aeroplane, and Gourmet Garden. Every day, no matter where or what you eat or drink, you can enjoy food flavored by McCormick. Our Purpose is "To Stand Together for the Future of Flavor and our Vision is "A World United by Flavor—where healthy, sustainable and delicious go hand in hand."

As a company recognized for its exceptional commitment to employees, McCormick offers a wide variety of benefits, programs, and services. Benefits include, but are not limited to, tuition assistance, medical, dental, vision, disability, group life insurance, 401(k), profit sharing, paid holidays, and vacations.

McCormick & Company, Inc., a world leader in the spice, flavor and seasonings industry, is seeking a full time IAM Engineer II. This position will report to the IT Security IAM Manager.

Position Overview/Primary Purpose:

The IAM Engineer will be a member of an experienced team of Identity and Access Management (IAM) professionals to provide expertise, knowledge and operational support of the Identity Management solution landscape and functions including provisioning, federation, role/entitlement reviews, authentication, and access management for the cloud and on premise. This role with work with cross-functional teams to provide expertise and understand to engineer, rationalize, and support IAM toolsets and services to a coherent future state of the IAM service footprint and solutions that drive business growth, performance. The role will also be responsible for working with customers, IT teams and service provider teams to review and process security requests, continuously improve service delivery for the function, upholding IT Service Management SLAs and meeting compliance requirements.

Responsibilities:

• Contribute to IAM security service delivery through monitoring, controlling, and supporting the execution of security service delivery including requests, incidents, root cause, problem and change management in compliance to ITSM policies and process.
• Provide post implementation support and regular system maintenance and support which will periodically require off-hours, weekend, and on-call support.
• Implement and maintain core cyber IAM security capabilities, technologies and systems.
• Identify potential threats, exploit attempts and other security events related to IAM. Make recommendations and/or take action to mitigate these issues as appropriate. Actively contribute to and participate in security incident response as needed.
• Proactive project participant responsible for completion of projects tasks in areas of responsibility.
• Identify risks both operational and security during day to day activities and during specific, targeted efforts. Make recommendations and/or take action to mitigate these issues as appropriate.
• Regularly review IAM security technologies, infrastructure and systems to ensure compliance and best practices are being followed and where necessary, resolve and/or escalate inconsistencies and issues.
• Contribute to strategic planning and road mapping and preparing draft high level plans to realize the plan.
• Develop and maintain IAM security relevant skills and knowledge, both technical and non-technical, through training, certifications, and other means.
• Define and maintain configuration lifecycle within cyber security policies.
• Contribute to sizing and budget estimation processes to align with application and solution life cycle/renewal schedules.
• Lead for assessing IAM security capabilities/solutions and how best to integrate them across the enterprise whilst being an evangelist in driving innovations.
• Maintain all IAM security diagrams, inventories and process documentation.
• Analyze business requirements and specifications and propose solutions that fit to standards, compliance, and operational requirements.
• Maintain, review and certify any IT and SOX controls as assigned.
• Build, test and rollout of enterprise Identity and Access Management solutions in collaboration with internal and external resources.

Required Qualifications:

• AA Degree in Business or technical degree. May consider 4 years of related experience in lieu of degree
• At least two of the preferred qualifications or equivalent certifications
• Minimum of 3-5 years of technical experience in Information Technology (IT) including a minimum 2 years specifically as an Identity Access Management professional.
• Experience with architecture and implementations of IDM solutions such as: SailPoint IIQ and CyberArk.
• Experience with Active Directory (Azure AD & AD) and LDAP knowledge for integration to AD
• Experience with Active Directory and Azure IAM Solutions such as: MFA, Conditional Access, PIM, RBAC, Key Vaults, Certificate Authority, SSO integrations, B2B/B2C/Guest identities, etc.
• Experience with SAP systems and IDM integrations
• Experience with IDM workflows including coding/scripting for IDM workflows and provisioning, and the ability to build and maintain complex IDM workflows.
• Experience with technical aspects of IDM in all the following areas:

a. Installation and Maintenance of IDM software

b. Setup and configuring of IDM provisioning framework

c. Performing IDM transports (export/import)

d. Building of IDM repositories and troubleshooting of connection problems

• Solid understanding of Identity Management (IDM), Single Sign on (SSO), and security concepts.
• Hands on integration and deployment experience with the SailPoint, CyberArk (PAM) and other Identity Management and Access Management products.
• Must be able to multi-task and set priorities
• Must have experience in a collaborative, multi-disciplined, globally diverse team environment.
• Exceptional communication skills and the ability to communicate appropriately at all levels of the organization; this includes written and verbal communications as well as visualizations.
• The ability to act as a liaison conveying information needs of the business to IT and system constraints back to the business
• Strong interpersonal and consultative skills.
• Positive approach to customer service with demonstrated ability to handle high pressure support needs in a calm, respectful, and efficient manner.
• Ability to maintain confidential and personal information.
• Proficiency in English, both written and verbal

Preferred Qualifications:

• Bachelor's degree in Information Technology or in a relevant field
• Certified Identity and Access Manager (CIAM), Certified Identity Management Professional (CIMP), CyberArk Trustee or greater, Certified Ethical Hacker (CEH), Certified Information Privacy Professional (CIPP), Certified Information Security Manager (CISM), CIP (Certified Information Professional), CompTIA Security , SANS GIAC Security Essentials, Certified in Risk and Information Systems Control (CRISC), Cloud Certification (AWS, GCP, Azure), Certificate of Cloud Security Knowledge (CCSK), Offensive Security Certified Professional (OCSP), ITIL, or other relevant security certification
• 2 year public cloud IaaS experience (Azure)

McCormick & Company is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected veteran status, age, or any other characteristic protected by law.

As a general policy, McCormick does not offer employment visa sponsorships upon hire or in the future.