Head of Cyber Security Architecture & Engineering

Job Description:

Head of Cybersecurity Architecture and Engineering

Collaborate with Innovative 3Mers Around the World

Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

The Impact You Will Make in this Role

The Head of Cybersecurity Architecture & Engineering is responsible for leading the design, development, and implementation of the organization’s cybersecurity architecture and engineering strategies. This role ensures that security principles are embedded into all IT and business initiatives, protecting the company’s assets, data, and infrastructure against evolving cyber threats and in compliance with regulatory standards such as CMMC, ISO 27001, NIST CSF, NIS2, and industry-specific frameworks (TOGAF, SABSA).

Here, you will make an impact by:

Leadership & Team Management

• Build, mentor, and lead a team of cybersecurity architects and engineers, fostering a culture of innovation and continuous improvement.
• In collaboration with the security awareness team, provide guidance and training on security best practices to IT teams, developers, and business units.
• Act as a senior advisor to executives and key stakeholders on cybersecurity risks and strategies.

Cybersecurity Architecture & Strategy

• Develop and maintain a comprehensive cybersecurity architecture framework that aligns with business objectives and regulatory requirements.
• In collaboration with the IT Governance, Risk, and Compliance (GRC) team, develop and implement technical standards and best practices to ensure compliance with IT policies and control objectives for enterprise IT, cloud, and emerging technologies. This includes specifying configurations, protocols, and procedures that align with these policies and objectives.
• Provide strategic direction on security infrastructure, identity management, data protection, and threat mitigation techniques.   This includes defining architectural standards and patterns, and incorporating threat modeling into reference architecture.
• Collaborate with IT and business teams to integrate security into cloud, DevOps, data, and application architecture.  Define security controls for emerging technologies including AI, IoT
   

Security Engineering & Technology Implementation

• Oversee the design, deployment, and maintenance of security technologies, including firewalls, intrusion detection systems, endpoint protection, encryption, and cloud security controls.
• Lead security technology evaluations and recommend solutions to enhance the organization’s security posture.
• Ensure security tools and processes integrate seamlessly with IT and DevOps environments.
   

Risk Management & Compliance

• Collaborate with risk management teams to assess and mitigate cybersecurity risks across the organization.

• Ensure architecture designs and related implementations follow the appropriate regulatory frameworks and industry standards such as NIST, ISO 27001, GDPR and PCI-DSS.
• Work closely with internal and external auditors to address security gaps and remediate vulnerabilities.
   

Threat Intelligence & Incident Response Support

• Collaborate with security operations teams to enhance threat intelligence, detection, and response capabilities.
• Support incident response efforts by providing architectural insights and forensic analysis recommendations.
• Support the adoption of automation and AI-driven security technologies to improve threat detection and response

Your Skills and Expertise:

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

• Bachelor’s degree or higher (completed and verified prior to start).
• Ten (10) years of experience in Cybersecurity in a private, public, government, or military environment.
• Three (3) years in a vulnerability management leadership role.

Additional qualifications that could help you succeed even further in this role include:

• CISSP certification or one of the following certifications: CISM, OSCP or GIAC.
• Experience in operating and managing a vulnerability management program in a large enterprise environment with a global footprint.
• Ability to engage stakeholders at different levels to drive vulnerability reduction across the environment.
• AWS/Azure security certifications.
• Excellent communication, negotiation, and relationship-building skills.
• Strong analytical and problem-solving skills.
• Strong ability to influence and collaborate across cross-functional teams.
• Strong knowledge of cybersecurity frameworks and standards (e.g., CMMC, NIST CSF, ISO 27001, COBIT, or NIS2).
• Experience with automated vulnerability management tools and processes.
• Familiarity with regulatory compliance requirements and audit processes.
• Ability to stay current with the latest cybersecurity trends and threats.
• Strong Knowledge Security Architecture frameworks (TOGAF, SABSA)

Work location:

Work Your Way Eligible (hybrid) – Job duties allow for some remote work but require travel to Maplewood, MN and Austin, TX

Travel: In-Office Tuesday/Wednesday/Thursday

Relocation Assistance: May be authorized

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being

3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.

 

Chat with Max

For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers.

Applicable to US Applicants Only:The expected compensation range for this position is $259,007 - $316,564, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.

Good Faith Posting Date Range 03/26/2025 To 04/25/2025 Or until filled

All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.

Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/

3M is an equal opportunity employer. 3M will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, pregnancy, gender identity, national origin, age, disability, or veteran status.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.