At 3M, we apply science in collaborative ways to improve lives. With $33 billion in sales, our 93,000 employees connect with customers all around the world.
3M has a long-standing reputation as a company committed to innovation. We provide the freedom to explore and encourage curiosity and creativity. We gain new insight from diverse thinking, and take risks on new ideas.
Here, you can apply your talent in bold ways that matter.
3M is seeking a DevOps Security Engineer for the Health Information Systems Division located in Murray, UT; Silver Spring, MD; St. Paul, MN, Austin, TX
3M Health Information Systems (HIS) is the world leader for innovating the language of health and delivers comprehensive software and consulting services. Working at 3M Health Information Systems you will be helping with today's challenges while preparing for tomorrow's. Transforming health care from a system that treats disease, to a system that improves health and wellness begins with accurate health information and payment. From improving the efficiency of medical records coding to outlining success in value-based care and healthcare analytics. All while working with the best and the brightest to advance more than your own career, you are working to advance the entire world.
The DevOps Security Engineer will be joining the 3M HIS security operations team as a code security expert to help improve our both our legacy and cloud applications. As the program lead, they will work on the design, integration, and implementation of the code security program using automation wherever possible to improve effectiveness. One of the exciting opportunities in this position is the chance to work with a new team that has a positive collaborative environment with lots to do and lots to build. You will get to work in a new cloud environment featuring an AWS CI/CD pipeline, automated control enforcement, and other cool technologies.
This position provides an opportunity to transition from other private, public, government or military environments to a 3M career.
Primary Responsibilities include but are not limited to the following:
* Integrate with other HIS development teams to improve code security practices and resolve remediation issues
* Ensure that static code and third-party library scanning tools are operating effectively and enable teams to see and resolve deficiencies
* Improve the effectiveness of code and other vulnerability management-related security solutions by integrating them with other work processes and tools
* Establish training and reporting that provide development teams the resources and visibility they need to be effective
* Provide guidance to teams that use both legacy and continuous integration and continuous deployment processes.
* Actively participate in relevant corporate programs/initiatives, comply with professional and quality standards, follow corporate policies and procedures, and act in a manner consistent with 3M's values and ethical standards.
* Possess a Bachelor's Degree or higher from an accredited university OR High School Diploma/GED or higher from an accredited institution and a minimum of four (4) years of experience in software security in lieu of the bachelor's degree education requirement
* Minimum of three (3) years of experience as a security influenced developer or security engineer with code security responsibilities
* Experience with DevOps or similar highly integrated work environments
* Experience with cloud environments, service oriented architectures, and complex enterprise environments
* Bachelor's Degree or higher from an accredited university.
* MCSD, AWS certified devops engineer, or similar certifications
* Experience with Cloud Computing platforms (particularly AWS)
* Solid understanding of networking and data transfer methods
* Deep knowledge of OWASP Top 10 and SANS Top 25 vulnerabilities
* Experience with an enterprise code vulnerability scanning tools (SAST) such as Fortify or Checkmarx
* Comfortable reviewing SAST results with development teams
* Experience with Jenkins, Maven, Docker, Kubernetes, or other modern development practices
Location: Murray, UT; Silver Spring, MD; St. Paul, MN, Austin, TX
Travel: May include up to 10% domestic
Relocation: Is authorized
Diverse & Inclusive 3M
3M is a place where you can collaborate with other curious, creative people. Where your diverse talents, inclusiveness, initiative, and leadership are valued. Where you'll find challenging opportunities that make your career exciting and rewarding. With a diversity of people, global locations, technologies, and products, 3M is a place to grow and be rewarded for excellence.
Most Recent great-news / Awards: 3M received recognition as being A Most Ethical Company! Promoting Ethical Business standards and practices internally, enabling managers and employees to make good choices, and shaping future industry standards by introducing tomorrow's best practices today. Honorees have historically out-performed others financially, demonstrating the connection between good ethical practices and performances that are valued. View this recognition, please visit: http://bit.ly/EthisphereWorldsMostEthicalCompanyAward
Learn more about 3M's creative solutions to the world's problems at www.3M.com or on Twitter @3M.
3M is an equal opportunity employer. 3M will not discriminate against any applicant for employment on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or veteran status.
Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.
Please access the linked document by clicking here, select the country where you are applying for employment, and review. Before submitting your application you will be asked to confirm your agreement with the terms.