Cybersecurity Shared Services Engineering Director

Cybersecurity Shared Services Engineering Director

Collaborate with Innovative 3

Mers Around the World — Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3

Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

With 3M’s continued commitment to security and its path toward modernization and improvement, we are seeking a strategic and technically skilled Director, Cybersecurity Shared Services Engineering to lead the teams who deploy and own shared security platforms and services. This role will have product ownership of several platforms and capabilities while partnering with architecture, GRC, Security Operations, infrastructure, and other IT functions.

• Act as Product Owner for shared cybersecurity platforms: backlog, prioritization, release planning, and value realization.
• Build and lead a multidisciplinary team: platform engineers, detection engineers, crypto/PKI specialists, and product managers.
• Skills development for staff: certifications (e.g., GCED, GCIH, GDAT, CCSK, CCSP), crypto engineering upskilling, DLP analyst training, etc.
• Stakeholder enablement: playbooks, office hours, and documentation for IT Ops, App Owners, and Data Stewards.
• Own lifecycle management: selection, PoC, procurement, licensing optimization, versioning, hygiene, upgrades, and deprecation.
• Ensure platform scalability and multi-tenant patterns for enterprise, subsidiaries, M&A, and third-party integrations.
• Define and get alignment for success metrics.
• Enable and support integrations and full capability enablement of existing platforms.
• Collaborate with engineering, compliance, and business teams to translate security requirements into technical implementations, including authorization mappings.
• Partner with cybersecurity architects on integrating into the IT and cybersecurity tooling ecosystem.
• Provide technical leadership when required for incident response, risk management, and threat mitigations.
• Own the platform response capability: ensure SOC and IR teams can leverage tooling effectively in live incidents (e.g., mass isolation, rapid DLP policy enforcement, revocation of certs, key rotation, etc.).
• Create defensible, repeatable evidence packages for audits (control descriptions, configs, logs, screenshots, attestations).
• Stay current with emerging technologies, trends, and threats.
• Develop and maintain comprehensive documentation.

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

• Bachelor’s Degree or higher (completed and verified prior to start)
• Ten (10) years of experience in cybersecurity in a private, public, government or military environment
• Three (3) years leading cybersecurity engineering and administration in a private, public, government or military environment

• Experience operating in a multi-national and large enterprise
• Ability to design and articulate solutions for modern IT systems (APIs, containers, agentic agents, etc.)
• Experience with Cybersecurity platforms (e.g., Crowd Strike, ForcePoint, Venafi, MDE, etc.)
• Understanding enterprise solutions that oversight and integrations will be required for (e.g., tenant wide configurations that enable controls for DLP and/or EDR, integration to EDR/DLP/Crypto to other platforms, etc.)
• Excellent communication and stakeholder engagement skills
• CISSP, CISM, or similar
• Experience supporting a manufacturing company with IT and OT

This role follows an on-site working model, requiring the employee to work at least four days a week at the 3M Center in Maplewood, MN or Austin, TX locations.

Travel:
May include up to 5%.

Must be legally…