3M is a global company that fosters collaboration among innovative individuals. They are seeking a Cyber Threat & Response Engineer (L2) to safeguard the enterprise against evolving cyber threats by monitoring security alerts, investigating suspicious activities, and driving incident response efforts.
Own the front lines: Monitor and dissect security alerts provided from managed services providers, SIEM, EDR, and advanced detection platforms to uncover potential threats before they strike
Investigate like a hunter: Dive deep into suspicious activity, correlating signals across multiple sources to reveal scope, impact, and adversary intent
Lead the charge: Drive containment, eradication, and recovery for low to moderately complex incidents—keeping attackers on the run
Escalate with precision: Deliver detailed, actionable intelligence to senior engineers and management, ensuring rapid and effective resolution
Close the loop: Support remediation during active incidents and contribute to post-incident reviews to strengthen defenses and eliminate gaps
Turn intel into action: Apply threat intelligence, behavioral analytics, and contextual data to sharpen detection and response capabilities
Engineer smarter defenses: Partner with detection engineering teams to design, test, and fine-tune detection rules and use cases
Analyze the unknown: Perform malware triage, log correlation, and network traffic inspection to uncover hidden threats
Stay ahead of the curve: Track evolving attacker tactics, techniques, and procedures (TTPs) and use that knowledge to outsmart adversaries
Bridge the gap: Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate swift incident resolution
Drive the process: Capture investigation steps, findings, and actions with clarity and precision for future reference
Continuous improvement: Contribute to playbook enhancements, process improvements, and knowledge sharing
Qualification
Required
Bachelor's degree in Cybersecurity, Information Technology, or technology field (completed and verified prior to start)
OR High School diploma (completed and verified prior to start) and four (4) years of hands-on experience (completed and verified prior to start)
AND Two (2) years of experience in a SOC or cybersecurity operations role in a private, public, government or military environment
Preferred
Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
Ability to write and use scripts (Python, PowerShell, Bash) for automation, log parsing, and incident response tasks
Understanding of common attack vectors, threat actor behaviors, and frameworks like MITRE ATT&CK
Strong analytical and problem-solving skills with attention to detail
Effective communicator with the ability to document investigations and collaborate with cross-functional teams
Certifications such as CompTIA Security+, CySA+, or GCIH
Benefits
Medical
Dental & Vision
Health Savings Accounts
Health Care & Dependent Care Flexible Spending Accounts
Disability Benefits
Life Insurance
Voluntary Benefits
Paid Absences
Retirement Benefits
3M is a global company that applies science to life, offering products and solutions across various industries.
Glassdoor
3.8
Founded in 1902
Saint Paul, Minnesota, USA
10001+ employees
https://www.3m.com
3M is a global company that applies science to life, offering products and solutions across various industries.
