Security Risk Engineer

Join to apply for the Security Risk Engineer role at Solventum.

This range is provided by Solventum. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$106,331.00/yr - $129,960.00/yr

Thank you for your interest in working for our Company. Recruiting the right talent is crucial to our goals. On April 1, 2024, 3M Healthcare underwent a corporate spin-off leading to the creation of a new company named Solventum. We are still in the process of updating our Careers Page and applicant documents, which currently have 3M branding. Please bear with us. In the interim, our Privacy Policy here: https://www.solventum.com/en-us/home/legal/website-privacy-statement/applicant-privacy/ continues to apply to any personal information you submit, and the 3M-branded positions listed on our Careers Page are for Solventum positions. As it was with 3M, at Solventum all qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Security Risk Engineer (Solventum)

3M Health Care is now Solventum.

At Solventum, we enable better, smarter, safer healthcare to improve lives. As a new company with a long legacy of creating breakthrough solutions for our customers’ toughest challenges, we pioneer game-changing innovations at the intersection of health, material and data science that change patients' lives for the better while enabling healthcare professionals to perform at their best. Because people, and their wellbeing, are at the heart of every scientific advancement we pursue.

We partner closely with the brightest minds in healthcare to ensure that every solution we create melds the latest technology with compassion and empathy. Because at Solventum, we never stop solving for you.

The Impact You’ll Make in this Role

The Cybersecurity Risk Engineer will play a key role in securing Solventum’s digital products and information technology (IT) infrastructure, ensuring resilience against cyber threats, and enhancing our overall security posture. Working closely with both engineering and IT teams, this role will focus on risk assessment, controls assessment, and risk management, while also automating security tools and processes.

In this role, you will conduct regular risk assessments, audits, and vulnerability analyses on IT assets, networks, and processes. You will develop and maintain a risk-based approach to protect IT assets by mitigating identified threats and vulnerabilities. Analyzing and tracking cybersecurity risks to ensure they are documented and managed effectively will be essential.

Automation of security tools and processes to improve efficiency and effectiveness is another critical aspect. You will use technical skills to implement reporting and evidence collection for security tools like SAST, DAST, and SCA.

You will review security controls for software and products to ensure they meet standards and develop a controls heat map to visualize security control effectiveness across the organization. Supporting the Authority to Operate (ATO) program and ensuring risk management and control validation processes are followed will be part of your responsibilities. Contributing best practices, checklists, templates, testing methods, and techniques to the Security Assessment program is also expected.

Developing and maintaining documentation of security processes, policies, and controls to enable audits and compliance verification is required. You will also work to ensure stakeholders understand their responsibilities regarding security frameworks and regulatory compliance.

Collaboration is key. You will act as a liaison between engineering, IT, and security teams to ensure alignment on cybersecurity initiatives. Staying current with cybersecurity trends and building relationships across Solventum’s technology teams will be crucial.

Your Skills And Expertise

Minimum qualifications include:

• High School Diploma/GED AND 3+ years of experience in Cybersecurity or IT

Additional helpful qualifications include:

• Proficiency in Python or scripting languages and experience with APIs
• Knowledge of industry standards like NIST CSF, NIST 800-53, and other frameworks
• Excellent communication, project management, and teamwork skills
• Problem-solving abilities in complex IT environments
• Ability to work independently with limited guidance

Work location: Remote.

Travel may include up to 20% domestically/internationally. Relocation assistance may be provided.

You must be legally authorized to work in the country of employment without sponsorship.

Additional information on pay, benefits, and company policies is available on our website.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Management and Manufacturing

Industries: Medical Equipment Manufacturing