Cyber Compliance Oversight Manager

Job Description:

Cyber Compliance Oversight Manager

Collaborate with Innovative 3Mers Around the World

Choosing where to start and grow your career has a major impact on your professional and personal life, so it's equally important you know that the company that you choose to work at, and its leaders, will support and guide you. With a wide variety of people, global locations, technologies and products, 3M is a place where you can collaborate with other curious, creative 3Mers.

This position provides an opportunity to transition from other private, public, government or military experience to a 3M career.

The Impact You'll Make in this Role

In this role, you will be responsible for overseeing the Managed Services Provider (MSP) that delivers day‑to‑day cybersecurity and technology compliance services. Your oversight will ensure that our Cyber Compliance Management Program operates effectively across unified controls framework sustainment, control assessments, compliance monitoring, readiness reviews, and reporting.

You will evaluate the quality and accuracy of the MSP's work, verify alignment with 3M's compliance standards and regulatory expectations, and ensure timely execution of all compliance activities. Through effective oversight, strategic guidance, and partnership with internal stakeholders, you will help maintain a strong cyber and technology compliance posture, safeguard the organization from regulatory and control gaps, and support leadership with clear, actionable compliance insights.

Key Responsibilities:

• Overseeing the managed services relationship responsible for cybersecurity compliance operations, ensuring delivery quality across all services.
• Reviewing and approving MSP outputs, including obligations updates, unified control framework changes, control assessment results, monitoring outcomes, and compliance reports.
• Monitoring MSP performance against SLAs and KPIs, ensuring consistent adherence to scope, quality expectations, and timelines.
• Conducting regular service delivery reviews and providing direction to drive continuous improvement in compliance operations.
• Partnering with the MSP to assess regulatory changes, evaluate applicability, and ensure updates to compliance obligations and common controls are accurate and timely.
• Collaborating with the MSP on planning and execution of risk‑based control assessments, executing reviews of control design and operating effectiveness, and validating remediation plans for identified gaps.
• Overseeing ongoing compliance monitoring results, ensuring timely follow‑up and escalation of potential issues or trends.
• Supporting readiness assessments for compliance initiatives by reviewing gap analyses, maturity evaluations, and required enhancements.
• Serving as the escalation and coordination point with Internal Audit, ensuring adequate evidence preparation, timely responses, and alignment with control and regulatory expectations.
• Working with leadership to present monthly compliance metrics and insights through dashboards and executive reporting provided by the MSP.

Competency Summary:

• Analytical Skills: Strong analytical abilities to evaluate compliance results, identify patterns or gaps, and recommend mitigation strategies.
• Communication Skills: Ability to communicate complex compliance topics clearly to technical and non‑technical audiences, including senior leadership.
• Project Management: Experience managing multiple concurrent compliance activities, ensuring timely execution, and maintaining clear status transparency.
• Collaboration: Ability to work effectively with cybersecurity teams, IT, legal, risk, internal audit, and business stakeholders in a coordinated compliance approach.
• Attention to Detail: Strong focus on accuracy and completeness in compliance reporting, documentation, and evidence review.

Your Skills and Expertise

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Management (completed and verified prior to start)

• Five (5) years of experience in cyber compliance operations role in a private, public, government or military environment

Additional qualifications that could help you succeed even further in this role include:

• Cybersecurity Knowledge: Deep understanding of cybersecurity principles, practices, regulatory obligations, and common control frameworks.
• Regulatory and Standards Knowledge: Familiarity with relevant regulatory requirements and industry standards such as ISO 27001, NIST CSF, SOX, PCI, CMMC, TISAX, SWIFT, and other cyber compliance obligations.
• Compliance and Control Framework Management: Experience managing compliance programs, including control framework governance, regulatory change management, and compliance monitoring.
• Control Assessment Expertise: Proven experience conducting or overseeing control assessments, evaluating design and operating effectiveness, and interpreting control test evidence.
• Continuous Improvement: Commitment to staying current with emerging regulations, compliance expectations, and best practices, and continuously improving compliance processes.
• Professional Certification: CISSP certification or one of the following certifications such as CISA, CISM, ISO 27001 Lead Auditor

Work location:

• Work location: This role follows an on-site working model, requiring the employee to work at least four days a week at the Maplewood, MN or Austin, TX office locations.

Travel: May include up to 10% domestic/international

Relocation: May be authorized

Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).

Supporting Your Well-being

3M offers many programs to help you live your best life - both physically and financially. To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.

Chat with Max

For assistance with searching through our current job openings or for more information about all things 3M, visit Max, our virtual recruiting assistant on 3M.com/careers.

Applicable to US Applicants Only:The expected compensation range for this position is $164,612 - $201,193, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate's relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.

Good Faith Posting Date Range 03/17/2026 To 04/16/2026 Or until filled

All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.

Learn more about 3M's creative solutions to the world's problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.

Pay & Benefits Overview: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/

3M does not discriminate in hiring or employment on the basis of race, color, sex, national origin, religion, age, disability, veteran status, or any other characteristic protected by applicable law.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please click on the following links and select the country where you are applying for employment to review the applicable Terms of Use (link here) and Privacy Policy (link here). Before submitting your application, you will be asked to confirm your agreement with the terms.