Director Third Party Cyber Risk Management-R01137439

3M

Job Description:

Job Title
Director of Third-Party Cyber Risk Management

Collaborate with Innovative 3Mers Around the World
Choosing where to start and grow your career has a major impact on your professional and personal life, so it's equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a diversity of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

The Impact You'll Make in this Role
The Director of Third-Party Cyber Risk Management is responsible for both the strategic development and operational execution of the organization's third-party cyber risk management program. This role ensures that all third-party relationships comply with regulatory requirements, align with corporate cyber policies, and meet the organization's risk management standards. The Director will design and implement the third-party risk management framework while leading a team of professionals to assess, monitor, and mitigate risks associated with vendors, suppliers, and other third parties.
Here, you will make an impact by:

Program Development and Management:
- Design and implement a comprehensive third-party cyber risk management program.
- Develop and enforce policies and procedures for assessing and managing third-party risks.
- Continuously improve the program based on evolving threats and regulatory requirements.

Risk Assessment and Mitigation:
- Conduct thorough risk assessments of third-party vendors, including initial due diligence and ongoing monitoring.
- Identify potential vulnerabilities and recommend mitigation strategies.
- Collaborate with third parties to address and remediate identified risks.

Vendor Relationships:
- Build and maintain strong relationships with key third-party vendors and partners.
- Ensure that third-party contracts include appropriate cybersecurity requirements and standards.
- Work with legal and procurement teams to negotiate cybersecurity terms in contracts.

Incident Management:
- Support the response to cyber incidents involving third-party vendors.

Reporting and Communication:
- Provide regular updates to senior management on the status of the third-party cyber risk management program.
- Prepare and present reports on third-party risk assessments and mitigation efforts.
- Communicate effectively with internal teams and third-party vendors regarding cyber risk expectations and requirements.

Regulatory Compliance:
- Ensure that the third-party cyber risk management program complies with relevant regulations and industry standards (e.g., GDPR, CCPA, NIST, ISO 27001).
- Stay current on regulatory changes and update the program as needed.

Your Skills and Expertise:
To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:
- Bachelor's degree or higher (completed and verified prior to start) from an accredited institution
- Ten (10) years of experience in Cybersecurity in a private, public, government or military environment
- Five (5) years of management and/or supervisory experience
- CISSP certification

Additional qualifications that could help you succeed even further in this role include:
- Master's degree in computer engineering, computer systems or information technology field from an accredited institution
- Minimum of 8-10 years of experience in cybersecurity/risk management, with at least 5 years in a leadership role focused on third-party risk management.
- Strong knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS).
- Additional certifications such as SANS, ISACA (CGEIT, CISA, CISM, CRISC) and other technology certifications.
- Excellent communication, negotiation, and relationship-building skills.
- Ability to work collaboratively with internal teams and external vendors.

Work location: Work Your Way Eligible (Employee choice to work remote, on site, or hybrid)
Travel: May include up to 5% domestic
Relocation Assistance: N/A

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being
3M offers many programs to help you live your best life both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.

Chat with Max
For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers.

Applicable to US Applicants Only:
The expected compensation range for this position is $222,044 – $271,387, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate's relevant knowledge, training, skills, work location, and/or experience.
In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/enUS/careers-us/working-at-3m/benefits/.

Learn more about 3M's creative solutions to the world's problems at www.3M.com or on Twitter @3M.

Responsibilities of this position include that corporate policies, procedures and security standards are complied…

Equal Opportunity Employer – minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity
