**Job Title**:
Information Security Manager
Philips is a global leader in health technology, committed to improving billions of lives worldwide and striving to make the world healthier and more sustainable through innovation.
Driven by the vision of a better tomorrow.
But it's not just what we do, it's who we are.
We are 80,000, wonderfully unique individuals, with two things in common.
An unwavering sense of purpose and a relentless determination to deliver on our customers' needs.
It's what inspires us to create meaningful solutions - the kind that make a real difference - when it matters most.
The world and our customers' needs are changing faster than ever before and while we are proud of what we do already, we know we can do more.
That's why we need you, to help us tackle increasingly complex challenges posed by ever evolving health and well-being needs.
**In this role, you have the opportunity to make life better**
Looking at the challenges the world is facing today, Philips' purpose has never been more relevant.
So whatever your role, if you share our passion for helping others, you'll be working towards creating a better and fairer future for all.
**You are responsible for**
- Reporting on Product Security Business specific Key Performance Indicators (KPIs);
- Working with Quality and Regulatory on Product Security process and procedures to be established or updated in the Quality Management System;
- Understand key market Regulatory requirements;
- Supporting the Group Security to drive security standards throughout the business;
- Champion the importance of product security during the life cycle of products;
- Support/localize information security training and awareness activity for product managers, program managers, Quality and Regulatory, and architect teams;
- Identify Security Risks throughout the Product Development Life Cycle;
- Work with cross-functional teams to provide Security Requirements Guidance and Secure by Design Guidance based on a risk-based approach;
- Ensure customer security requirements are being addressed within our products;
- Supporting business initiatives by providing solutions based on security best practices, regulatory and customer requirements;
- Conducting Product Security Risk Assessments for Business products and solutions;
- Supporting the development of risk mitigation and control plans for the product in the Business;
- Ensuring that all Static Code Analysis, Penetration testing, and Vulnerability assessments are completed in the Product verification phase;
- Communicating risks and recommendations to mitigate risks to the senior management;
- Supporting the development of Customer security documentation/product labeling;
- Ensure compliance and act in accordance with Philips General Business Principles (GBP) policies and Information Security;
- Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security;
- Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets.
**You are a part of**
You'll be a part of the Security Team, an enabler for all of Philips' Business in Electronic Medical Record and Care Management.
What we do is guarantee that all of our products are as secure as they can be in terms of cybersecurity, data privacy and the regulatory needs of each of the countries where we are present!
**To succeed in this role, you'll need a customer-first attitude and the following**
- A Master's degree or equivalent combination of education and work experience
- Experience in product/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)
- Practical experience in a highly regulated environment (Financial, FDA, SOx, Export, Privacy/GDPR, HIPAA)
- Experience in ISO27001/2 and NIST Cybersecurity frameworks
- Excellent understanding of how different business units integrate into the strategic vision, business trends and the direction Security must take to support the business
- Fluent/Advanced in English
- Willingness to travel as needed
**The following will be considered strong differentiators**
- Information security qualifications such as CISSP, CEH, CISA or equivalent
- Command of laws and regulations on cybersecurity, privacy, data protection, and breach notification (LGPD, GDPR, HIPAA, FDA Pre and Post Cybersecurity Requirements, ISO/TS 14265, 21CFR820, SB1386, etc.)
- Experience working in a large organization
- Additional languages such as Spanish or Dutch.
**How we work at Philips**
Our newly-adopted hybrid work concept fuses flexibility with collaboration to deliver great outcomes for our people and