This job is now closed
Job Description
- Req#: R01137439
- Design and implement a comprehensive third-party cyber risk management program.
- Develop and enforce policies and procedures for assessing and managing third-party risks.
- Continuously improve the program based on evolving threats and regulatory requirements.
- Conduct thorough risk assessments of third-party vendors, including initial due diligence and ongoing monitoring.
- Identify potential vulnerabilities and recommend mitigation strategies.
- Collaborate with third parties to address and remediate identified risks.
- Build and maintain strong relationships with key third-party vendors and partners.
- Ensure that third-party contracts include appropriate cybersecurity requirements and standards.
- Work with legal and procurement teams to negotiate cybersecurity terms in contracts.
- Support the response to cyber incidents involving third-party vendors.
- Provide regular updates to senior management on the status of the third-party cyber risk management program.
- Prepare and present reports on third-party risk assessments and mitigation efforts.
- Communicate effectively with internal teams and third-party vendors regarding cyber risk expectations and requirements.
- Ensure that the third-party cyber risk management program complies with relevant regulations and industry standards (e.g., GDPR, CCPA, NIST, ISO 27001).
- Stay current on regulatory changes and update the program as needed.
- Bachelor’s degree or higher (completed and verified prior to start) from an accredited institution
- Ten (10) years of experience in Cybersecurity in a private, public, government or military environment
- Five (5) years of management and/or supervisory experience
- CISSP certification
- Master’s degree in computer engineering, computer systems or information technology field from an accredited institution
- Minimum of 8-10 years of experience in cybersecurity/risk management, with at least 5 years in a leadership role focused on third-party risk management.
- Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS).
- Additional certifications such as SANS, ISACA (CGEIT, CISA, CISM, CRISC) and other technology certifications.
- Excellent communication, negotiation, and relationship-building skills.
- Ability to work collaboratively with internal teams and external vendors.
- Work Your Way Eligible (Employee choice to work remote, on site, or hybrid)
Job Title
Director of Third-Party Cyber Risk Management
Collaborate with Innovative 3Mers Around the World
Choosing where to start and grow your career has a major impact on your professional and personal life, so it’s equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a diversity of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.
This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.
The Impact You'll Make in this Role
The Director of Third-Party Cyber Risk Management is responsible for both the strategic development and operational execution of the organization’s third-party cyber risk management program. This role ensures that all third-party relationships comply with regulatory requirements, align with corporate cyber policies, and meet the organization’s risk management standards. The Director will design and implement the third-party risk management framework while leading a team of professionals to assess, monitor, and mitigate risks associated with vendors, suppliers, and other third parties. Here, you will make an impact by:
Program Development and Management:
Risk Assessment and Mitigation:
Vendor Relationships:
Incident Management:
Reporting and Communication:
Regulatory Compliance:
Your Skills and Expertise:
To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:
Additional qualifications that could help you succeed even further in this role include:
Work location:
Travel: May include up to 5% domestic
Relocation Assistance: N/A
Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).
Supporting Your Well-being
3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.
Applicable to US Applicants Only: The expected compensation range for this position is $222,044 - $271,387, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.
Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Twitter @3M.
Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.
Our approach to flexibility is called Work Your Way, which puts employees first and drives well-being in ways that enable 3M’s business and performance goals. You have flexibility in where and when work gets done. It all depends on where and when you can do your best work.
Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/
3M is an equal opportunity employer. 3M will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.
Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.
About the company
3M applies science and innovation to make a real impact by igniting progress and inspiring innovation in lives and communities across the globe.