Sr. Manager Cyber Policies, Standards and Awareness

Remote: Full Remote

Offer summary

Qualifications:

  • Bachelor’s Degree or higher in a relevant field and 10 years of IT/cyber security experience.
  • 4 years of leadership experience in a related role.
  • Strong communication skills to interact with senior executives and cross-functional stakeholders.
  • Cybersecurity certifications such as CISSP, CISM, CISA, CRISC or GSLC are preferred.

Key responsibilities:

  • Drive the creation and review of Cybersecurity Policies and Standards in alignment with industry best practices.
  • Communicate policy changes effectively to relevant stakeholders.
  • Mature the cybersecurity awareness and training program across the organization.
  • Collaborate with various departments to ensure compliance with cybersecurity regulations and standards.

Solventum XLarge https://www.solventum.com/
10001 Employees

Job description

Thank you for your interest in working for our Company. Recruiting the right talent is crucial to our goals. On April 1, 2024, 3M Healthcare underwent a corporate spin-off leading to the creation of a new company named Solventum. We are still in the process of updating our Careers Page and applicant documents, which currently have 3M branding. Please bear with us. In the interim, our Privacy Policy here: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ continues to apply to any personal information you submit, and the 3M-branded positions listed on our Careers Page are for Solventum positions. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Description:

The Impact You’ll Make in this Role
Solventum is seeking a dynamic and talented Senior Manager for Cyber Security Policies, Standards & Awareness. This position will report into the Director of Security Compliance, Audit and Assurance, will provide support for critical efforts across the GRC scope of work, and will partner with other departments. This position will lead cyber security policy and standard maturity and updates as well as the awareness campaigns and training needed across the global footprint. This role involves collaborating with various departments to ensure compliance with cyber security regulations and best practices and fostering a culture of security awareness throughout the organization.

Responsibilities

  • Drive the creation and review process of Cybersecurity Policies and Standards for the organization in alignment with industry best practices and regulatory requirements that comply with cybersecurity laws and regulations.
  • Communicate effectively to ensure relevant stakeholders are well-informed about the newly implemented policies
  • Mature the cybersecurity awareness and training program 
  • Map the ECF (control matrix) against cybersecurity policies, standards and processes, and identify policy, standards and process gaps.
  • NIST 800-53, StateRAMP, NIST CSF, ISO 27001, Sarbanes-Oxley (SOX), Service Organization Controls (SOC) 2, Payment Card Industry Data Security Standard (PCI-DSS), ENS, C5, CTPAT and other applicable industry standards.
  • Work closely with IT, Legal, HR, Privacy and various other departments to integrate policies and standards across the company.
  • Facilitate IT compliance of identified controls – for example, IT general controls (ITGCs), application, cloud, and cybersecurity.
  • Provide early indication of increasing risk exposures through designing, implementing, and monitoring of enterprise and business unit risk tolerances and key risk indicators
  • Collect, analyze, and monitor risk-related data to proactively identify trends and prioritize efforts and resources
  • Aggregate risk data and develop themes for reporting to senior management highlighting key cyber-risk trends
  • Ensure that projects comply with security standards and architectures

Your Skills and Expertise 
To set you up for success in this role from day one, Solventum requires (at a minimum) the following qualifications:

  • Bachelor’s Degree or higher from (completed and verified prior to start) and 10 years of relevant IT / cyber security experience
  • 4 years of leadership experience.

Additional qualifications that could help you succeed even further in this role include:

  • Requires a mix of business and technical acumen with strong people management skills, the ability to influence decisions around risk management, and an ability to communicate with senior executives, cross functional stakeholders, and business leaders.
  • Ability to effectively prioritize and execute tasks in a fast-paced environment
  • Experience developing and producing risk metrics and reports that are meaningful and actionable across various audiences
  • Experience with coordinating corporate governance activities
  • Proficient at summarizing, packaging, and presenting data and topics to assist executive management in assessing options and decision-making
  • Adept analytical and problem-solving skills
  • Ability to perform well under pressure and demonstrate a sense of urgency
  • Advanced Microsoft Office Suite (Word, Excel, PowerPoint)
  • Cybersecurity Certifications in either CISSP, CISM, CISA, CRISC or GSLC are preferred

Work location: Remote

Travel: May include up to 10% domestic/international

Relocation Assistance: Not authorized

Applicable to US Applicants Only: The expected compensation range for this position is $207,348 - $253,425, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate’s relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.solventum.com/en-us/home/our-company/careers/#Total-Rewards

Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.

Solventum is committed to maintaining the highest standards of integrity and professionalism in our recruitment process.  Applicants must remain alert to fraudulent job postings and recruitment schemes that falsely claim to represent Solventum and seek to exploit job seekers.

Please note that all email communications from Solventum regarding job opportunities with the company will be from an email with a domain of @solventum.com. Be wary of unsolicited emails or messages regarding Solventum job opportunities from emails with other email domains.

Please note, Solventum does not expect candidates in this position to perform work in the unincorporated areas of Los Angeles County.

Solventum is an equal opportunity employer. Solventum will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

Solventum Global Terms of Use and Privacy Statement


Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at Solventum are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the terms.

Required profile

Spoken language(s):
English

Other Skills

  • Microsoft Office
  • People Management
  • Communication
  • Problem Solving
  • Analytical Skills
  • Prioritization
  • Time Management
  • Leadership
