• Job Description

  Req#: R01121391

  Job Description:

  Security Architect – OT and Product Security (New Health Care Company)

  3M is establishing two industry-leading companies, creating value through the spin-off of its Health Care business, while 3M will continue to be a global material science leader, focusing our innovation to win in favorable global megatrends and attractive end markets. This new Health Care Company will be a leading global diversified health technology company with:

  • Proven category leadership
  • Exposure to attractive end-markets
  • Innovation mindset driving improved patient outcomes
  • Collaborative customer relationships
  • Deep global regulatory experience
  • Operational excellence and strong cash flow
  • Strong sales growth and profitability with significant recurring sales

  We expect the creation of the two companies will be completed by the end of 2023. For now, we will continue to operate as one global company. This role is positioned to drive the success of the "New Health Care Company”.

  This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

  The Impact You’ll Make in this Role.
  The OT (Operational Technology) and Product Security Architect will play a pivotal role in designing, implementing, and maintaining the security posture and maturity of our OT based systems and applications. Reporting to the Chief Security Architect Cybersecurity, the successful candidate will lead the effort to secure our operational technology systems and customer product environments, identify vulnerabilities, and enhance enterprise business processes to mitigate risks. This role requires a deep understanding of Operational Technology OT / ICS environments that support client facing solutions, validation of security measures within an Authority to Operate or ATO, customer facing knowledge of product security compliance and assessment frameworks, design configuration and change management solutions, perform third party assessments and framework alignment, and overall product security and OT industry best practices.

  • OT Security Strategy - Develop and implement a comprehensive OT security strategy that aligns with industry best practices and regulatory requirements
  • Product Security - Lead efforts to embed security into the product development lifecycle, ensuring that security considerations are integrated from design through deployment. This includes OT, ICS, IoT, and enterprise security processes / standards
  • Risk Assessment - Conduct risk assessments and vulnerability assessments for OT systems and products to identify and prioritize security threats and weaknesses
  • Security Architecture - Design and implement secure OT system architectures and product designs, considering factors such as network segmentation, access controls, and encryption
  • Security Standards - Establish and enforce security standards, policies, and procedures for OT / ICS systems and product development
  • Security Testing - Oversee security testing activities, including penetration testing, vulnerability scanning, and code reviews
  • Security Awareness - Promote security awareness and training among OT / ICS and product development teams to foster a security-conscious culture
  • Compliance - Ensure compliance with industry standards and regulations related to OT and product security, such as NIST, Perdue, IEC 62443, and others
  • Vendor Assessment - Evaluate third-party vendors and suppliers for their security practices and ensure they meet our security requirements
  • Documentation - Maintain detailed documentation of security configurations, design patterns, shared service designs, inventories, incident response plans, and security architectures

  Your Skills and Expertise

  To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

  • Bachelor’s degree or higher (completed and verified prior to start)

  OR

  • High School Diploma/GED or higher (completed and verified prior to start) and a minimum of sixteen (16) years of experience in Information Technology (IT)

  • Ten (10) years of enterprise security architecture expertise in a private, public, government or military environment
  • Five (5) years of OT, ICS, Product Security background in a large enterprise network environment in a private, public, government or military environment
  • Direct experience performing Perdue, NIST, IEC 62443 model framework assessments

  Additional qualifications that could help you succeed even further in this role include:

  • Master’s degree in Information Technology or Cybersecurity from an accredited institution
  • Industry-recognized certifications such as [CISSP, CCSP, CISM] are highly desirable
  • Proficiency in Enterprise Architecture modeling utilizing SABSA, TOGAF EA frameworks
  • Healthcare experience
  • Experience with ePHI, HIPPA, GDPR, NIST, and other related industry frameworks
  • Excellent communication and collaboration skills to work with technical and non-technical stakeholders

  Work location:

  • Work Your Way Eligible (Employee choice to work remote, on site, or hybrid)

  Travel: May include up to 20% [domestic/international]

  Relocation Assistance: May be authorized.

  Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

  Supporting Your Well-being

  3M offers many programs to help you live your best life – both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.

  Chat with Max

  For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers.

  The expected compensation range for this position is $177,961 - $217,508, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.

  Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Twitter @3M.

  Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

  Our approach to flexibility is called Work Your Way, which puts employees first and drives well-being in ways that enable 3M’s business and performance goals. You have flexibility in where and when work gets done. It all depends on where and when you can do your best work.

  Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/

  3M is an equal opportunity employer. 3M will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.

  Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

  3M Global Terms of Use and Privacy Statement

  
  Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

  Please access the linked document by clicking here , select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the terms.

• About the company

  3M applies science and innovation to make a real impact by igniting progress and inspiring innovation in lives and communities across the globe

Notice