Information Security Lead

Information Security Lead at Philips

As an Information Security Lead, you will be responsible for developing, implementing, and monitoring a strategic, comprehensive IT security program. This role ensures compliance with regulatory requirements and mitigates risks to the organization's information assets. The Information Security Lead provides the vision and leadership necessary to manage risk for assigned platforms, ensuring business alignment, effective governance, and the availability, integrity, and confidentiality of systems and infrastructure.

Your Responsibilities

• Develop and maintain robust security controls to protect Philips's business from security breaches and incidents.
• Deliver security demand from the business for essential security controls.
• Ensure operational performance to deliver security controls at an optimum cost.
• Maintain strong relationships with key stakeholders, including business units, ISC, other IT departments, and security teams, to timely deliver on security requirements.
• Engage with auditors to acquire and retain certifications and attestations.
• Support audits through timely response, escalation management, gap analysis, and mitigation efforts.
• Lead internal reviews and assessments of solutions, processes, procedures, and practices.
• Conduct supplier assessments to verify compliance with security schedules.
• Manage the risk profile of IT Infrastructure.
• Drive security education and awareness activities across the platform and Enterprise IT.
• Provide direction for Enterprise IT Security and Cybersecurity protection, overseeing Technology governance and policies.
• Develop Enterprise IT Security strategy and awareness programs, define security architecture, and establish security incident response protocols.
• Offer strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
• Develop, maintain, and publish up-to-date security policies, standards, and guidelines.
• Evaluate new cybersecurity threats and IT trends, then develop effective security controls.
• Evaluate potential security breaches, coordinate responses, and recommend corrective actions.
• Define and report on information security Key Performance Indicators (KPIs).
• Provide Security Project Management and leadership to staff and external resources in support of established goals, improved efficiencies, and problem resolution.
• Maintain current knowledge of industry and regulatory trends and developments for enterprise technology.
• Specialize in security domains such as incident response, operational assessment of security posture, manufacturing security, OT security, and general security management.
• Demonstrate a thorough understanding of Security Management principles, Security governance principles, and Regulatory requirements.
• Experience working with external stakeholders in law enforcement, audit, testing, investigations, and intelligence.
• Monitor, evaluate, and adapt the organization as needed to ensure success in managing Security.
• Organize the preparation of security status dashboards, including presentation to executive management.
• Responsible for formulating long-term security policy for their domain.
• Responsible for the security schedules of major global contracts and the supplier integration and delivery of security services as contracted, managing service delivery components and coordinating supplier teams.

Who You Are

• Bachelor’s or Master’s degree in Information Technology or commensurate experience in delivering security solutions.
• Overall Enterprise IT Security experience of 15+ years or more.
• Security Certifications such as CISSP, CISM, CISA, CIPP are preferred.
• Should have a senior level in the domain of Security & operations management.
• Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, lack of criminal convictions, etc.), willing to undergo vetting and/or personality assessments to verify this if necessary.
• Typically a background in technical security roles or operations, with a clear and abiding interest in security.

How We Work Together

Philips believes in the strength of collaboration. This role is classified as an office role, requiring a full-time presence in the company’s facilities, reflecting our commitment to in-person teamwork for office-based teams.

About Philips

We are a health technology company built on the belief that every human matters. Our mission is to ensure everybody everywhere has access to the quality healthcare they deserve. Join us in doing the work of your life to help the lives of others. Learn more about our business, discover our rich and exciting history, and explore our purpose. If you’re interested and possess many, but not all, required experiences, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care.

Key skills/competency

• Information Security Management
• Risk Management
• Compliance & Governance
• Security Controls Implementation
• Incident Response Planning
• Cybersecurity Strategy
• Supplier Security Assessment
• Security Awareness & Education
• IT Infrastructure Security
• Regulatory Adherence