null

In this role, you have the opportunity to

be the leading expert (and responsible) in the your designatedbusiness ,markets and functions for all activities related to information, products & services security, both internally and for the products and services we deliver to our customers.

You are responsible for

General

• Support/localize product & information security awareness, training and education programs

• Support, creation, approval and embedding of Product/information security policies, adaptions, standards

• Establish & deliver centralized reporting within Philips and to the business markets on the effectiveness of the information & product security function and its performance against strategic objectives

• Aligns with the supplier security team on product & information security issues related to Philips suppliers/partners/3rd party ecosystems

Product & Services Security

• Creating products & services security strategies, both short-term and long-range, in support of the business goals

• Identify product/services security requirements throughout the Idea-to-market (I2M)/ Product Development Lifecycle Management and work with other teams as necessary to provide mitigation and cost/benefit analysis

• Directing an ongoing, proactive product & services security risk assessment program so effective controls can be put in place for those areas presenting the greatest information security risk

• Communicating risks and recommendations to mitigate risks to the senior management

• Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security

• Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets

• Creating products & services security strategies, both short-term and long-range, in support of the business goals

• Identify product/services security requirements throughout the Idea-to-market (I2M)/ Product Development Lifecycle Management and work with other teams as necessary to provide mitigation and cost/benefit analysis

• Directing an ongoing, proactive product & services security risk assessment program so effective controls can be put in place for those areas presenting the greatest information security risk. Communicating risks and recommendations to mitigate risks to the senior management

• Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security

• Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets

Information Security

• Be an authority on the Philips Security Management Framework: policies (tactical level), processes and risk management designs. Drive and support compliance/policy/risk reviews for your assigned market areas/business units

• Engage with business, markets and functions to identify improvement opportunities across secure foundation, information protection, secure access to business information/assets , threat/ incidents response capabilities and vulnerabilities mitigation

• Helps Philips business markets in making their own information (application) security assessments and sample assessments in order to audit compliance, report on compliance

• Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team

• Supports with embedding Information Security (e.g. ISMS, client requirements, Technical Baselines) within business/markets/ functions operations and various environments

You are a part of

Philips Group Information & Products Security is responsible for the protection of confidentiality, integrity and availability of Philips information assets and company products. The Product & Information Security Officer works across various environments, markets and business teams to maintain and expand a world-class capability and culture around product & information security and ensures that formal regulations and certifications are kept up to date and adhered to.

To succeed in this role, you should have the following skills and experience

• A Master’s degree or equivalent combination of education and work experience

• Minimum of 10 years in product/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)

• Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks

• Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC;

• Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting

• Familiar with Information Security Management Systems (ISO/IEC 270001). Experience in Health information security management (ISO 27799, ISO/IEC 80001, RMF for DoD, EU MDR, UL 2900)

• Familiar with Laws and regulations on privacy, data protection, and breach notification (95/46/EC, HIPAA, FDA Pre and Post Cybersecurity Requirements, ISO/TS 14265, 21CFR820, SB1386, etc.)

• Domain specific standards and approaches on privacy and product security (DICOM, IHE)

• Experience working in a large global organization

• Practical experience in highly regulated environment (FDA, SOx, Export, Privacy/GDPR, HIPAA)

• Excellent understanding of how different business units integrate into the strategic vision, business trends and the direction Security must take to support the business

• Strong interpersonal skills – communication, presentation, ability to influence and lead

• Motivated, positive attitude, and results-oriented

• English fluency, additional languages - an advantage

• Willingness to travel as needed

In return, we offer you

Working at Philips means driving your career in an organization with an incredible diversity of nationalities, skills, backgrounds, functions and challenges. Being responsible for developing a security culture in such a diverse and global organization will offer you the opportunity to put your experience to the test, empower, correct and consistent use of policies & standards within Philips.. Your challenge will be to really make an impact and drive organizational change throughout the organization, where security is not seen as a compliance nuisance but as something core to every individual’s responsibilities.

Why should you join Philips?

Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 3 billion lives a year by delivering innovative solutions across the health continuum . Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways. Learn more by watching this video .

To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page on our career website, where you can read stories from our employee blog . Once there,you can also learn about our recruitment process , or find answers to some of the frequently asked questions .

#LI-EU