Director of Network Security – Zero Trust Platforms

Job Description

Job Description:
Cyber Third Party Risk Oversight Manager
Collaborate with Innovative 3Mers Around the World
Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.
This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.
The Impact You’ll Make in this Role
In this role, you will be responsible for overseeing the managed services provider (MSP) that conducts day-to-day third-party cybersecurity risk assessments, ensuring that our organization maintains a robust and resilient cybersecurity posture. Your oversight will be crucial in evaluating the effectiveness of the MSP’s activities, ensuring that they thoroughly assess the security practices of our third-party vendors, identify potential vulnerabilities, and implement appropriate risk mitigation measures. By closely monitoring the MSP’s performance, you will ensure that their assessments are accurate, comprehensive, and aligned with our organization’s security standards and regulatory requirements. Through your diligent oversight and strategic guidance, you will play a key role in protecting our organization’s data and systems from external threats, thereby safeguarding our business operations and maintaining the trust of our customers and partners.
Here, you will make an impact by:* Oversee the managed services relationship which is responsible for conducting third-part cybersecurity risk assessments
* Review and approve the quality of vendor risk assessments conducted by managed services, ensuring they meet organizational standards
* Monitor the managed services provider’s performance, ensuring adherence to SLAs and agreed KPIs
* Conduct regular service delivery reviews, providing feedback to improve their performance and efficiency
* Broker with MSs third party security risk management support to business department/relationship owner when forming new client relationships or when engaging in new products/services from existing clients
* Collaborate with MSs to address identified risks and ensure timely implementation of remediation plans
* Support escalation from MSs when risk decisions needs to be raised to 3M
* Work with executive leadership to present risk findings from metrics provided by MSs monthly through CISO dashboard
* Partner with Procurement on net new vendor requests/renewals

Your Skills and Expertise:
To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:* Bachelor’s degree or higher (completed and verified prior to start)
* Ten (10) years of experience in information technology in a private, public, government or military environment

Additional qualifications that could help you succeed even further in this role include:* Analytical Skills: Excellent analytical and problem-solving skills to evaluate risk assessment findings, identify vulnerabilities, and develop effective mitigation strategies.
* Communication Skills: Strong written and verbal communication skills to effectively convey complex cybersecurity issues and risk assessment results to both technical and non-technical stakeholders.
* Project Management: Proficiency in project management, including the ability to oversee multiple assessments, track progress, and ensure timely completion of remediation activities.
* Collaboration: Ability to work collaboratively with internal teams, including IT, legal, compliance, and business units, to ensure a cohesive approach to cybersecurity risk management.
* Attention to Detail: High level of attention to detail to ensure accuracy and thoroughness in risk assessments and reporting.
* Cybersecurity Knowledge: In-depth understanding of cybersecurity principles, practices, and frameworks, including risk assessment methodologies and threat management.
* Third-Party Risk Management: Proven experience in managing third-party risk, including conducting and overseeing third-party cybersecurity risk assessments.
* Regulatory Compliance: Familiarity with relevant regulatory requirements and industry standards (e.g., GDPR, CCPA, ISO 27001, NIST) and the ability to ensure compliance.
* Vendor Management: Strong experience in managing relationships with managed services providers (MSPs) and other third-party vendors, ensuring service quality and adherence to contractual obligations.
* Continuous Improvement: Commitment to staying current with the latest cybersecurity trends, threats, and best practices, and continuously improving the organization’s risk management processes.

Work location:* Work Your Way Eligible (hybrid) – Minneapolis & Austin

Travel: In-Office Tuesday/Wednesday/Thursday
Relocation Assistance: May be Authorized
Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).
Supporting Your Well-being
3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.
Chat with Max
For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers.
Applicable to US Applicants Only:The expected compensation range for this position is $222,044 – $271,387, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.
Good Faith Posting Date Range 03/14/2025 To 04/13/2025 Or until filled
All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.
Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.
Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.
Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/
3M is an equal opportunity employer. 3M will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, pregnancy, gender identity, national origin, age, disability, or veteran status.
Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.
3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.