Sr. Analyst, IT Security Compliance

3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter.

Job Description : About the Role

Join the dynamic and innovative team at 3M Global Technology Center LLP as an Analyst - Security Compliance and take your career to new heights.

At 3M, innovation is at the core of everything we do. We empower curiosity, creativity, and bold thinking, while fostering an environment where diverse ideas thrive. By joining our team, you will have the opportunity to work with industry experts and cutting-edge technologies, helping shape a world-class security compliance program.

What You'll Do

As a key member of the Security Compliance team, reporting to the Team Lead - Security Compliance, you will :

Execute day-to-day cybersecurity risk, compliance, and assurance activities.

Support global cybersecurity certifications including ISO 27001 and ISO 27017 , evaluating control effectiveness and reviewing evidence of controls.

Assist in achieving ISO 27001 certification by identifying risks and implementing controls.

Maintain and continuously improve 3M's Information Security Management System (ISMS) .

Create, update, and manage ISMS documentation, reports, and audit records.

Act as Subject Matter Expert (SME) for PCI DSS , advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations.

Provide high-level knowledge support on other frameworks and standards including SOC 2, COBIT, NIST, SWIFT, and GDPR .

Deliver timely written reports, metrics, and updates to cybersecurity management.

Collaborate and communicate effectively across teams and with stakeholders.

What We're Looking For

Education : Bachelor's degree with a minimum of 3 years of experience in Information Security, GRC, or related roles.

Certifications (preferred) : ISO 27001 Lead Auditor / Implementer, PCI ISA, CISA, CISM, CRISC, CISSP, or equivalent.

Skills & Knowledge :

Strong knowledge of information security risk standards, frameworks, and methodologies.

Experience working with GRC tools such as Archer (or similar).

Excellent written and verbal communication skills.

Ability to manage multiple priorities and adapt to evolving business needs.

Learn more about 3M's creative solutions to the world's problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.

Please note : your application may not be considered if you do not provide your education and work history, either by : 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.

Skills Required

Cobit, Swift, Gdpr, Iso 27001, Pci Dss, nist