Cyber Threat & Response Engineer (L2)

3M•Austin, TX

14h•Onsite

About The Position

Step into the front lines of cyber defense as a Cyber Threat & Response Engineer – Level 2, a pivotal role in safeguarding the 3M enterprise and industrial environments against evolving threats. This position is the heartbeat of our Cyber Defense Organization, where you’ll hunt, analyze, and neutralize sophisticated attacks before they escalate. In this role, you’ll bridge the gap between rapid triage and deep-dive investigations. You will be expected to detect the undetectable, escalate with precision, and drive swift incident response to keep adversaries at bay. We’re looking for a sharp technical mind with an insatiable curiosity for threat patterns, a proactive approach to risk mitigation, and the ability to thrive in high-stakes scenarios. If you’re ready to engineer resilience, outsmart attackers, and elevate cyber defense to the next level, this is your arena. Here, you will make an impact by: Management Own the front lines: Monitor and dissect security alerts provided from managed services providers, SIEM, EDR, and advanced detection platforms to uncover potential threats before they strike. Investigate like a hunter: Dive deep into suspicious activity, correlating signals across multiple sources to reveal scope, impact, and adversary intent. Lead the charge: Drive containment, eradication, and recovery for low to moderately complex incidents—keeping attackers on the run. Escalate with precision: Deliver detailed, actionable intelligence to senior engineers and management, ensuring rapid and effective resolution. Close the loop: Support remediation during active incidents and contribute to post-incident reviews to strengthen defenses and eliminate gaps. Technical Turn intel into action: Apply threat intelligence, behavioral analytics, and contextual data to sharpen detection and response capabilities. Engineer smarter defenses: Partner with detection engineering teams to design, test, and fine-tune detection rules and use cases. Analyze the unknown: Perform malware triage, log correlation, and network traffic inspection to uncover hidden threats. Stay ahead of the curve: Track evolving attacker tactics, techniques, and procedures (TTPs) and use that knowledge to outsmart adversaries. Organizational Bridge the gap: Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate swift incident resolution. Drive the process: Capture investigation steps, findings, and actions with clarity and precision for future reference. Continuous improvement: Contribute to playbook enhancements, process improvements, and knowledge sharing. Competency Summary: Experienced in triaging and investigating security alerts across SIEM, EDR, and network platforms Skilled in correlating data from multiple sources to identify and escalate confirmed threats Proficient in supporting incident response efforts and conducting initial root cause analysis Strong understanding of threat intelligence and its application in operational workflows Hands-on experience with scripting languages (Python, PowerShell, Bash) to automate investigations, parse logs, and streamline incident response workflows Effective communicator with the ability to document investigations clearly and collaborate across teams Committed to continuous learning and development in threat detection and response Analytical thinker with a proactive approach to identifying and mitigating risks Reliable team player in a 24/7 SOC environment, contributing to operational excellence

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, or technology field (completed and verified prior to start) OR High School diploma (completed and verified prior to start) and four (4) years of hands-on experience (completed and verified prior to start) AND Two (2) years of experience in a SOC or cybersecurity operations role in a private, public, government or military environment
Must be legally authorized to work in country of employment without sponsorship for employment visa status (e.g., H1B status).
All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M.
Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.
Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.
Please note: your application may not be considered if you do not provide your education and work history, either by: 1) uploading a resume, or 2) entering the information into the application fields directly.
Carefully read these Terms of Use before using this website. Your access to and use of this website and application for a job at 3M are conditioned on your acceptance and compliance with these terms.

Nice To Haves

Proficiency in analyzing alerts from SIEM, EDR, and network monitoring tools
Familiarity with threat intelligence, basic malware analysis, and log correlation techniques
Ability to write and use scripts (Python, PowerShell, Bash) for automation, log parsing, and incident response tasks
Understanding of common attack vectors, threat actor behaviors, and frameworks like MITRE ATT&CK
Strong analytical and problem-solving skills with attention to detail
Effective communicator with the ability to document investigations and collaborate with cross-functional teams
Certifications such as CompTIA Security+, CySA+, or GCIH

Responsibilities

Own the front lines: Monitor and dissect security alerts provided from managed services providers, SIEM, EDR, and advanced detection platforms to uncover potential threats before they strike.
Investigate like a hunter: Dive deep into suspicious activity, correlating signals across multiple sources to reveal scope, impact, and adversary intent.
Lead the charge: Drive containment, eradication, and recovery for low to moderately complex incidents—keeping attackers on the run.
Escalate with precision: Deliver detailed, actionable intelligence to senior engineers and management, ensuring rapid and effective resolution.
Close the loop: Support remediation during active incidents and contribute to post-incident reviews to strengthen defenses and eliminate gaps.
Turn intel into action: Apply threat intelligence, behavioral analytics, and contextual data to sharpen detection and response capabilities.
Engineer smarter defenses: Partner with detection engineering teams to design, test, and fine-tune detection rules and use cases.
Analyze the unknown: Perform malware triage, log correlation, and network traffic inspection to uncover hidden threats.
Stay ahead of the curve: Track evolving attacker tactics, techniques, and procedures (TTPs) and use that knowledge to outsmart adversaries.
Bridge the gap: Work closely with IT, OT, and business units to validate alerts, gather context, and coordinate swift incident resolution.
Drive the process: Capture investigation steps, findings, and actions with clarity and precision for future reference.
Continuous improvement: Contribute to playbook enhancements, process improvements, and knowledge sharing.

Benefits

3M offers many programs to help you live your best life – both physically and financially.
To ensure competitive pay and benefits, 3M regularly benchmarks with other companies that are comparable in size and scope.
Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits
Relocation Assistance

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume