Director of Cyber and Technology Risk Oversight

Job Description:

Cyber and Technology Risk Oversight:

Collaborate with Innovative 3Mers Around the World

Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

The Impact You’ll Make in this Role

The Director of Cyber and Technology Risk Oversight is a senior leadership position responsible for strategically managing and governing 3M's cyber and technology risk environment.

As a Director of Cyber and Technology Risk Oversight, this role involves leading a team of professionals and providing executive oversight to the managed services provider tasked with conducting cyber risk assessments of technology, third-party reviews, and emerging technologies. In this role, you will set the strategic vision, establish risk tolerance thresholds, and ensure consistent execution of risk processes across the enterprise. Additionally, you will oversee key risk functions, including operational risk management of the cyber/IT risk registers, handling findings, and managing cyber risk aspects of M&A and divestiture activities. Here, you will make an impact by:

Strategic Leadership:

• Develop and implement a comprehensive cyber and technology risk management strategy aligned with organizational goals.
• Set strategic vision and establish risk tolerance thresholds.

Risk Assessment and Management:

• Oversight of the identification, assessment, and prioritization of cyber and technology risks.
• Oversight the development and execution of risk mitigation plans.

Team Leadership:

• Manage and mentor a team of Cyber risk management professionals.
• Foster a culture of risk awareness and proactive management.

Governance and Compliance:

• Ensure compliance with relevant industry standards, regulations, and best practices through risk assessments.
• Oversee the execution of risk processes consistently across the enterprise.

Vendor and Third-Party Oversight:

• Provide executive oversight of managed services providers responsible for assessments, third-party reviews.

Operational Risk Management:

• Oversee operational risk functions, including cyber/IT risk registers and finding management.
• Manage cyber risk components of M&A and divestiture activities.

Reporting and Communication:

• Communicate risk management strategies and outcomes to executive leadership and stakeholders.
• Prepare and present risk reports and dashboards.

Your Skills and Expertise:

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

• Bachelor’s degree or higher (completed and verified prior to start)
• Ten (10) years of experience in Cybersecurity in a private, public, government, or military environment
• Five (5) years of management and/or supervisor experience
• CISSP certification
• One of the following certifications: SANS OR ISACA CGEIT, CISA, CISM, ISO 31000 CRISC, ISO 27001 Lead Auditor

Additional qualifications that could help you succeed even further in this role include:

• Master’s degree in computer engineering, computer systems or information technology field from an accredited institution
• Excellent communication, negotiation, and relationship-building skills.
• Strong analytical and problem-solving skills
• Ability to work collaboratively with internal teams and external vendors.
• Deep understanding of cyber risk frameworks and methodologies (NIST CSF/RMF, ISO 27001/27005, COBIT, etc.)
• Experience overseeing third-party cyber risk processes
• Familiarity with GRC tools and risk tracking platforms (e.g., ServiceNow, Archer, OneTrust)
• Experience working with managed service providers or co-sourced risk execution models
• Strong leadership presence and communication skills across technical and business stakeholders

Work location:

• Hybrid Eligible (Job duties allow for some remote work but require travel to Maplewood, MN OR Austin, TX at least 3 days per week)
• Maplewood, MN OR Austin, TX

Travel: In-Office Tuesday/Wednesday/Thursday

Relocation Assistance: Is authorized

Must be legally authorized to work in the country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being 

3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope. 

Chat with Max

For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers. 

Applicable to US Applicants Only:The expected compensation range for this position is $228,040 - $278,715, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.

Good Faith Posting Date Range 05/27/2025 To 06/26/2025 Or until filled

All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.

Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/

3M does not discriminate in hiring or employment on the basis of race, color, sex, national origin, religion, age, disability, veteran status, or any other characteristic protected by applicable law.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.