Cybersecurity Shared Services Engineering Director

About the role

3M is looking for a strategic and technically skilled Director to lead the Cybersecurity Shared Services Engineering function. The role will own multiple shared security platforms, drive product road‑maps, and partner with architecture, GRC, Security Operations and other IT teams to modernise the company’s security posture.

Key responsibilities

• Act as Product Owner for shared cybersecurity platforms – manage backlog, prioritise work, plan releases and deliver business value.
• Build and lead a multidisciplinary team of platform engineers, detection engineers, crypto/PKI specialists and product managers.
• Develop staff expertise through certifications and specialised training (e.g., GCED, GCIH, GDAT, CCSK, CCSP).
• Enable stakeholders with playbooks, office hours and documentation for IT operations, application owners and data stewards.
• Own the full lifecycle of platforms – selection, PoC, procurement, licensing optimisation, versioning, upgrades and decommissioning.
• Ensure platform scalability, multi‑tenant design and integration with subsidiaries, M&A entities and third‑party services.
• Define success metrics, align with business goals and support full capability enablement of existing tools.
• Provide technical leadership for incident response, risk management and threat mitigation, ensuring SOC and IR teams can act quickly.
• Create repeatable audit evidence packages and maintain comprehensive documentation.

Required profile

• Proven experience leading large‑scale cybersecurity platform programmes.
• Strong background in product ownership and multidisciplinary team management.
• Track record of developing technical talent and driving certification programmes.
• Excellent collaboration skills with architecture, compliance, engineering and business stakeholders.

Required skills

• Cybersecurity platform management
• Public Key Infrastructure (PKI) and cryptography
• Data Loss Prevention (DLP) technologies
• Security Operations Center (SOC) tooling and incident response
• Risk management and threat mitigation
• Multi‑tenant architecture and integration of security tools
• Audit evidence creation and documentation