3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas. Here, you can apply your talent in bold ways that matter.

Job Description:

The Impact You’ll Make in this Role

As the Regional Cybersecurity Threat Management Manager, you will have the opportunity to tap into your curiosity and collaborate with some of the most innovative and diverse people around the world. Here, you will make an impact by:

Work with outsourced Security Operation Center (SOC) services (to-be) on the following tasks below. Perform continuous improvements (Red Team/Purple Team) to Security information and event management (SIEM) solution to ensure comprehensive visibility into security activities within CHK regional network so we can respond swiftly to potential cyberattacks and meet compliance requirements. Lead Threat Hunting and continuously sniff out and neutralize highly advanced threats which cannot be detected solely with programmatic solutions in CHK region. Perform Application Penetration Testing for newly developed or routine applications Establish Threat Intelligence program and process, and collaborate with Cybersecurity Incident Response Team (CIRT) to gather and analyze threat intelligence and indicators of compromise (IOCs) to enhance incident detection and response capabilities. Monitor and improve Vulnerability Management in CHK region. Align Cyber Threat Management tactics with general global ISRC counterpart.

Your Skills and Expertise

To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications:

Bachelor’s degree or higher (completed and verified prior to start) from an accredited institution Five years of Cybersecurity Threat management and SOC operation experience in large companies. Experience at leading consulting firms is preferred but not mandatory. Offensive Security Certifications such as OSCE, OSCP, CRTE, SANS/CREST related certifications are preferred. Hands on technical experience in Threat Hunting and Vulnerability Management. Familiar with mainstream SIEM, SOAR, EDR, TI tools and techniques. Familiar with ISO 27001, NIST, MLPS, Mitre Attack and other security norms, standards & frameworks. Good language skills in both English and Chinese, in both written and verbal.

Additional qualifications that could help you succeed even further in this role include:

Creative and results-oriented, who is good at balancing multiple priorities and issues. Willing to and capable of hands-on tasks. Effective communications skills, including both written and verbal communication skills, and the ability to translate security principles into business terms. Foundational technical expertise, including both business acumen and strategic thinking.

Work location:

Hybrid Eligible - Job Duties allow for some remote work but require travel to Shanghai Maxdo office (China) at least 3 days per week

Travel: May include up to 10% domestic

Learn more about 3M’s creative solutions to the world’s problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.

Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.

3M Global Terms of Use and Privacy Statement

Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Please access the linked document by clicking here , select the country where you are applying for employment, and review. Before submitting your application, you will be asked to confirm your agreement with the terms.