Analyst, IT Security Compliance

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter.

Job Description:

JOB DESCRIPTION:

What You’ll Do

As a key member of the IT Security Compliance team, reporting to the Team Lead – Security Compliance, you will:

• Execute day-to-day cybersecurity risk, compliance, and assurance activities.
• Support global cybersecurity certifications including ISO 27001 and ISO 27017, evaluating control effectiveness and reviewing evidence of controls.
• Assist in achieving ISO 27001 certification by identifying risks and implementing controls.
• Maintain and continuously improve 3M’s Information Security Management System (ISMS).
• Create, update, and manage ISMS documentation, reports, and audit records.
• Act as Subject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations.
• Provide high-level knowledge support on other frameworks and standards including NIST, SOX, SWIFT, and TISAX.
• Deliver timely written reports, metrics, and updates to cybersecurity management.
• Collaborate and communicate effectively across teams and with stakeholders.

What We’re Looking For

• Education: Bachelor’s degree with a minimum of 4 years of experience in Information Security, GRC, or related roles.
• Certifications (preferred): ISO 27001 Lead Auditor/Implementer, PCI ISA, CISA, CISM, CRISC, or equivalent.
• Skills & Knowledge:
  • Strong knowledge of information security risk standards, frameworks, and methodologies.
  • Experience working with GRC tools such as OneTrust, Archer (or similar).
  • Excellent written and verbal communication skills.
  • Ability to manage multiple priorities and adapt to evolving business needs.

Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.