Cybersecurity Strategy & Program Sr. Manager (HYBRID)

Job Description

Company: McCormick & Company

Location: Annapolis, US

You may know McCormick as a leader in herbs, spices, seasonings, and condiments – and we’re only getting started. At McCormick, we’re always looking for new people to bring their unique flavor to our team. McCormick employees – all 14,000 of us across the world – are what makes this company a great place to work.

We are looking to hire an Cybersecurity Strategy & Program Sr. Manager immediately in a Hybrid (50/50) capacity at our Global Headquarters in Hunt Valley, Maryland.

What We Bring To The Table: The best people deserve the best rewards. In addition to the benefits you’d expect from a global leader (401k, health insurance, paid time off, etc.) we also offer: Competitive compensation Career growth opportunities Flexibility and Support for Diverse Life Stages and Choices Wellbeing programs including

Position Overview The Cybersecurity Strategy & Program Sr. Manager serves as the connective tissue between security leadership, technical teams, and the broader business, ensuring that security is embedded into every decision we make. We believe in proactive protection, transparent communication, and empowering every employee to be a guardian of our data and systems.

The role is a critical component of the cybersecurity leadership team—turning vision into action. Orchestrates high-impact security initiatives, streamline governance processes, and ensures the security strategy is not only understood but embraced across the organization. The role directly influences how we protect our customers, our brand, and our future.

Partner with the CISO to define, track, and communicate the company’s cybersecurity strategy, priorities, and progress. Lead cross-functional security programs—such as enterprise risk & program assessments, compliance readiness, and data protection improvements. Develop and maintain executive-level dashboards, metrics, and reports that translate complex security metrics into clear business insights.

Coordinate security governance forums, steering committees, and leadership briefings. Ensure alignment between security initiatives and business objectives, working closely with IT, EA, corporate security, strategic risk, legal, and cybersecurity teams. Provide decision-making support through analysis and recommendations and escalation of cyber risk decisions to appropriate committees.

Manage stakeholder relationships, serving as a proxy or gatekeeper for the CISO, and synthesizing information for executive decisions. Drive continuous improvement in security processes, documentation, and communication.

Key Responsibilities

Strategy Development Support

Assists CISO in developing and implementing a comprehensive cybersecurity strategy that aligns business objectives and industry standards. Gains industry data and trends, business priority and strategy, stakeholder input and analysis of key data inputs to help CISO monitor and adjust cybersecurity strategy to changing trends while maintaining alignment to business strategy. Ensuring that the organization’s strategies are clearly defined, operationally feasible, and aligned across teams Team Alignment to Strategy: Collaborating with other departments to ensure a cohesive approach to cybersecurity across the organization.

Cybersecurity Program Initiatives Oversight:

Supporting strategic business initiatives, from business plan development through successful execution. Holding PMs accountable for delivery. Provides reporting of status to CISO and Cybersecurity Governance Committees. This includes initiatives outside of CISO responsibility such as BCP, Physical Security, and IT projects that have cybersecurity impact (Tech Modernization). Overseeing special projects and managing cross-functional teams to anticipate risks through data analysis and planning.

Cybersecurity Governance Structure

Manages agenda, membership, reporting, tracking of actions, presentation materials development, and facilitates meetings as necessary and escalation of cybersecurity risk decisions Decision Support: Providing decision-making support through analysis and recommendations and escalation of cyber risk decisions to appropriate committees. Managing stakeholder relationships, serving as a proxy or gatekeeper for the CISO, and synthesizing information for executive decisions.

Reports & Communication:

Research & develop content for communications needed by CISO for cybersecurity governance committees, audit committee and board reports, C-suite executives, and various stakeholders. Provides regular reporting on current security landscape, cyber trends, threats, and effectiveness of security program.

Metrics: Oversees and executes the development, review, and regular stakeholder reporting of cybersecurity dashboards and metrics. Collaborates across cybersecurity team to assure metrics are appropriate and relevant. Provides reports to

Source: BeBee