As a key member of the Security Compliance team, reporting to the Team Lead Security Compliance, you will:
- Execute day-to-day cybersecurity risk, compliance, and assurance activities.
- Support global cybersecurity certifications includingISO 27001andISO 27017, evaluating control effectiveness and reviewing evidence of controls.
- Assist in achieving ISO 27001 certification by identifying risks and implementing controls.
- Maintain and continuously improve 3M sInformation Security Management System (ISMS).
- Create, update, and manage ISMS documentation, reports, and audit records.
- Act asSubject Matter Expert (SME) for PCI DSS, advising stakeholders, conducting internal assessments, and driving PCI DSS v4.0.1 reviews, gap assessments, and control evaluations.
- Provide high-level knowledge support on other frameworks and standards includingSOC 2, COBIT, NIST, SWIFT, and GDPR.
- Deliver timely written reports, metrics, and updates to cybersecurity management.
- Collaborate and communicate effectively across teams and with stakeholders.
