3M
Overview
Senior SOC Analyst (L3) in 3M’s Cyber Defense Organization. Leads complex investigations, responds to high-severity incidents, and mentors junior analysts. Bridges tactical operations and strategic defense with deep technical expertise, strong analytical skills, and adversary-minded thinking. This role provides an opportunity to transition from other private, public, government or military experience to a 3M career. Responsibilities
Management: Provide mentorship and technical oversight to L2 analysts and MSSP-led staff, review investigations, and guide escalation decisions. Lead incident response for high-severity events, coordinating across teams to ensure containment and remediation. Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols. Participate in hiring, onboarding, and training activities to build a high-performing SOC team. Technical: Conduct advanced investigations of security alerts and incidents (malware analysis, lateral movement, data exfiltration). Perform threat hunting using hypothesis-driven approaches and threat intelligence to uncover hidden threats. Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms. Analyze attacker TTPs and translate them into actionable detections using MITRE ATT&CK and the Cyber Kill Chain. Lead forensic investigations (memory, disk, network) to support incident response and legal requirements. Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows. Organizational: Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders. Document investigation findings, incident timelines, and lessons learned in a clear, structured format. Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements. Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments. Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture. Your Skills And Expertise
To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications: Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start) Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment Additional qualifications that could help you succeed include: Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools. Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective. Experience with scripting or automation (e.g., Python, PowerShell) is a plus. Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks. Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable. Excellent communication skills, with the ability to convey complex technical issues to both technical and non-technical audiences. Senior-level expertise in leading complex investigations and responding to advanced cyber threats. Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments. Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors. Strong understanding of adversary TTPs and frameworks like MITRE ATT&CK and Cyber Kill Chain. Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC. Experience coordinating incident response efforts and communicating findings to stakeholders. Commitment to continuous improvement of SOC processes, playbooks, and detection capabilities. Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity. Work location, travel and relocation
Work location: On site in Austin, TX. Travel: May include up to 10% domestic and international travel. Relocation Assistance: Authorized. Must be legally authorized to work in country of employment without sponsorship for employment visa status. Compliance and well-being
3M promotes compliance with corporate policies, procedures, and security standards. Safety is a core value; all employees contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and pursuing continuous improvement. Notes
Applicable to US Applicants: Compensation range and benefits information are provided in the posting. Equal opportunity employer and information on benefits and terms of use are available through 3M’s careers site.
#J-18808-Ljbffr
Senior SOC Analyst (L3) in 3M’s Cyber Defense Organization. Leads complex investigations, responds to high-severity incidents, and mentors junior analysts. Bridges tactical operations and strategic defense with deep technical expertise, strong analytical skills, and adversary-minded thinking. This role provides an opportunity to transition from other private, public, government or military experience to a 3M career. Responsibilities
Management: Provide mentorship and technical oversight to L2 analysts and MSSP-led staff, review investigations, and guide escalation decisions. Lead incident response for high-severity events, coordinating across teams to ensure containment and remediation. Contribute to the development and refinement of SOC processes, playbooks, and escalation protocols. Participate in hiring, onboarding, and training activities to build a high-performing SOC team. Technical: Conduct advanced investigations of security alerts and incidents (malware analysis, lateral movement, data exfiltration). Perform threat hunting using hypothesis-driven approaches and threat intelligence to uncover hidden threats. Develop and tune detection rules, correlation logic, and behavioral analytics across SIEM, EDR, and cloud platforms. Analyze attacker TTPs and translate them into actionable detections using MITRE ATT&CK and the Cyber Kill Chain. Lead forensic investigations (memory, disk, network) to support incident response and legal requirements. Collaborate with detection engineering and threat intelligence teams to improve detection coverage and response workflows. Organizational: Serve as a key point of contact during major incidents, providing technical updates and risk assessments to leadership and stakeholders. Document investigation findings, incident timelines, and lessons learned in a clear, structured format. Support compliance and audit efforts by ensuring incident handling aligns with regulatory and policy requirements. Collaborate with IT, OT, and business units to ensure visibility and response capabilities across all environments. Contribute to SOC maturity assessments and strategic planning to enhance the organization’s cyber defense posture. Your Skills And Expertise
To set you up for success in this role from day one, 3M requires (at a minimum) the following qualifications: Bachelor’s degree in Cybersecurity, Information Technology, or Computer Science (completed and verified prior to start) Five (5) years of experience in a SOC or cybersecurity operations role, with at least 2 years in a senior or L3 capacity in a private, public, government or military environment Additional qualifications that could help you succeed include: Proficiency in SIEM (e.g., Splunk, Sentinel), EDR (e.g., CrowdStrike, Carbon Black), and forensic tools. Strong understanding of Windows, Linux, and cloud environments (AWS, Azure, GCP) from a security perspective. Experience with scripting or automation (e.g., Python, PowerShell) is a plus. Familiarity with threat intelligence platforms, malware analysis tools, and adversary simulation frameworks. Industry certifications such as GCIA, GCIH, GCFA, OSCP, or equivalent are highly desirable. Excellent communication skills, with the ability to convey complex technical issues to both technical and non-technical audiences. Senior-level expertise in leading complex investigations and responding to advanced cyber threats. Skilled in malware analysis, threat hunting, and forensic investigations across diverse environments. Proficient in developing detection logic and tuning analytics to identify sophisticated attacker behaviors. Strong understanding of adversary TTPs and frameworks like MITRE ATT&CK and Cyber Kill Chain. Effective mentor and technical leader for junior analysts, fostering a culture of excellence in the SOC. Experience coordinating incident response efforts and communicating findings to stakeholders. Commitment to continuous improvement of SOC processes, playbooks, and detection capabilities. Strategic thinker with the ability to assess risk, lead under pressure, and drive operational maturity. Work location, travel and relocation
Work location: On site in Austin, TX. Travel: May include up to 10% domestic and international travel. Relocation Assistance: Authorized. Must be legally authorized to work in country of employment without sponsorship for employment visa status. Compliance and well-being
3M promotes compliance with corporate policies, procedures, and security standards. Safety is a core value; all employees contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and pursuing continuous improvement. Notes
Applicable to US Applicants: Compensation range and benefits information are provided in the posting. Equal opportunity employer and information on benefits and terms of use are available through 3M’s careers site.
#J-18808-Ljbffr