Philips Local Information Security Officer North America in Andover, Massachusetts

Our Offer:

Philips Group Information Security is responsible for the protection of confidentiality, integrity and availability of Philips information assets. Philips Group Information Security is part of Philips Group Security, reporting to the CFO of Philips. We are on an exciting journey to build and improve a risk-based information security culture for our organization. You could be a part of this journey!

Your Team:

You will report to the Sr. Director of Governance, Risk and Compliance, and functionally to the Regional Information Security Officer. Teaming up is far more important than formal reporting structures, so you will work in multi-disciplinary teams to achieve the best and most innovative results; some of these teams include policy integration, risk management, supplier security, projects and operational security. You will functionally lead other information security managers linked to the region.

You are responsible for compliance with the Information Security Management Framework and the underlying policies, procedures, guidelines & standards. The team drives and supports self-assessment, which in future will need to be done by existing Philips Business Units; it will also perform audits in the longer term. As we are growing at a very fast pace, we are looking for talent to strengthen our team! Within our global network, you will have the opportunity to work with colleagues from all over the world who are as passionate about what they do as you are! Our locations are China, Singapore, India, Netherlands and USA.

Your Challenge:

Working at Philips means driving your career in an organization with an incredible diversity of nationalities, skills, backgrounds, functions and challenges. Being responsible for developing a security culture in such a diverse and global organization will offer you the opportunity to put your experience to the test and to empower the correct and consistent use of policies & standards within Philips. Your challenge will be to really make an impact and drive organizational change throughout the organization, where security is not seen as a compliance nuisance but as something core to every individual’s responsibilities.

Your Responsibilities:

  • Be a specialist on the Philips policies, processes and risk management designs and drive and support compliance and policy implementation for your assigned areas/business units

  • Develop medium term policy for your assigned Philips units and/or regions/countries into a roadmap, including your level of engagement with our businesses.

  • Find solutions to overcome non-compliance based on sound risk management.

  • Be a recognized authority on information security by our businesses and team up with the various disciplines to effectively achieve goals together.

  • Actively build networks, inside and outside the company, in relation to the specialism of compliance and assessment methodologies

  • Support and guide the creation, approval, and embedding of security policy adaptions and standards.

  • Help Philips Business in making their own information security assessments and sample assessments in order to audit and report on compliance.

  • Support projects in their communication and stakeholder management where required

  • Support localization of security awareness & training (Training and Awareness material is generated by a separate team)

  • Establish and deliver centralized reporting within Philips and to the business markets on the effectiveness of the security function and its performance against strategic objectives

  • Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.

  • Supports the supplier security team when it comes to local contracting or other supplier related work if required

  • Supports with embedding Information Security (e.g. ISMS, client requirements, Technical Baselines) within delivery execution.

  • Reviews Technical Baseline Assessment and supports creation and execution of resulting Compliance Action Plans

What We Are Looking For

Experience:

  • At least > 5 years of relevant work experience in (information security) risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)

  • Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks

  • Experience in a global company in matrix-like organizational settings, preferably in the healthcare industry.

  • Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting (3 years)

  • A Master’s degree or equivalent combination of education and (work) experience

  • Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC

  • Preferred Certifications: ISO 27001/2 Lead auditor/implementer, including experience in actually guiding and delivering a certification process

  • Practical experience in highly regulated environment (FDA, SoX, Export, Privacy/GDPR, HIPAA)

  • Experience in building teams & relationships, communicating and coordinating with (sr.) stakeholders, being absolutely trustworthy with high standards of personal integrity

  • In-depth Information Security knowledge & understanding

  • ISO27001 Experience & Knowledge

  • Project Management Experience & Skills and good working knowledge of AGILE and LEAN

  • Efficient in building & maintaining effective relationships

Competencies:

  • Fluent in English

  • Comply with security standards and policies and act as a role model in the Philips organization

  • Act and decide towards intended and agreed results

  • Customer First attitude

  • Strong business and interpersonal skills. The ability to analyze, understand, and explain the value proposition of security initiatives to mid-level business and market leaders. High degree of emotional maturity.

  • A broad and potentially diversified set of skills, education, and experience is required. You will be a change agent, able to be recognized as a highly credible resource. International experience is appreciated, with added value being given to one or more language proficiencies (Spanish and Portuguese highly appreciated)

  • There are significant expectations for education and experience. Advanced degrees are highly valued and would likely enhance the officer’s credentials. In addition to degrees in security management, information security or criminal justice, additional professional security certifications are expected.

  • Must be self-motivated, highly organized, articulate, and possess excellent verbal and written communication skills. Ability to see the big picture as well as strong attention to detail.

  • Possess a strong teamwork ethic; must have the ability to work both independently and as part of a larger team.

  • Ability to work smart under pressure and efficiently on multiple projects simultaneously in a fast-paced environment where tight deadlines and unexpected complexities can crop up.

  • Motivated, positive attitude, and results-oriented.

Philips is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

In this role, you have the opportunity to

Philips Group Information Security is responsible for the protection of confidentiality, integrity and availability of Philips information assets. Philips Group Information Security is part of Philips Group Security, reporting to the CFO of Philips. We are on an exciting journey to build and improve a risk-based information security culture for our organization. You could be a part of this journey!

You will report to the Sr. Director of Governance, Risk and Compliance. Teaming up is far more important than formal reporting structures, so you will work in multi-disciplinary teams to achieve the best and most innovative results; some of these teams include policy integration, risk management, supplier security, projects and operational security. You will functionally lead other information security managers linked to the region.

The information security officer is responsible for compliance with the Information Security Management Framework and the underlying policies, procedures, guidelines & standards. The team drives and supports self-assessment, which in future will need to be done by existing Philips Business Units; it will also perform audits in the longer term. As we are growing at a very fast pace, we are looking for talent to strengthen our team! Within our global network, you will have the opportunity to work with colleagues from all over the world who are as passionate about what they do as you are! Our locations are China, Singapore, India, Netherlands and USA.

You are responsible for:

  • Owns strategic direction on information security compliance for the region/countries assigned and identifies continuous improvement opportunities.

  • Oversees global compliance developments and determines implications for information security

  • Keeps abreast of market, competition, technical, application and societal developments in information security, understanding Philips position and business interests

  • Represents Philips in approved forums and international settings

  • Be seen as a Sr. Specialist and position yourself as the go-to person for projects to investigate feasibilities in relation to information security.

  • Support and guide the creation, approval, and embedding of security policy adaptions and standards.

  • Help Philips Business in making their own information security assessments and sample assessments in order to audit and report on compliance.

  • Support projects in their communication and stakeholder management where required

  • Support localization of security awareness & training (Training and Awareness material is generated by a separate team)

  • Establish and deliver centralized reporting within Philips and to the business markets on the effectiveness of the security function and its performance against strategic objectives

  • Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.

  • Supports the supplier security team when it comes to local contracting or other supplier related work if required

  • Supports with embedding Information Security (e.g. ISMS, client requirements, Technical Baselines) within delivery execution.

  • Reviews Technical Baseline Assessment and supports creation and execution of resulting Compliance Action Plans

To succeed in this role, you should have the following skills and experience:

  • At least 5 years of relevant work experience in (information security) risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)

  • Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks

  • Experience in a global company in matrix-like organizational settings, preferably in the healthcare industry.

  • Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting (3 years)

  • A Master’s degree or equivalent combination of education and (work) experience

  • Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC. Preferred Certifications: ISO 27001/2 Lead auditor/implementer, including experience in actually guiding and delivering a certification process

  • Practical experience in highly regulated environment (FDA, SoX, Export, Privacy/GDPR, HIPAA)

  • Experience in building teams & relationships, communicating and coordinating with (sr.) stakeholders, being absolutely trustworthy with high standards of personal integrity

  • In-depth Information Security knowledge & understanding

  • ISO27001 Experience & Knowledge

  • Project Management Experience & Skills and good working knowledge of AGILE and LEAN

  • Efficient in building & maintaining effective relationships

  • Excellent written and verbal communication skills

  • Comply with security standards and policies and act as a role model in the Philips organization

  • Act and decide towards intended and agreed results

  • Customer First attitude

  • Strong business and interpersonal skills. The ability to analyze, understand, and explain the value proposition of security initiatives to business and market leaders. High degree of emotional maturity and the ability to calmly facilitate the appropriate resolution of difficult ethical and crisis situations.

  • A broad and potentially diversified set of skills, education, and experience is required. The officer will be a change agent, able to be quickly recognized as a highly credible senior-level resource. International experience is appreciated, with added value being given to one or more language proficiencies (Spanish and Portuguese)

  • There are significant expectations for education and experience. Advanced degrees are highly valued and would likely enhance the officer’s credentials. In addition to degrees in security management, information security or criminal justice, additional professional security certifications are expected.

  • Must be self-motivated, highly organized, articulate, and possess excellent verbal and written communication skills. Ability to see the big picture as well as strong attention to detail.

  • Possess a strong teamwork ethic; must have the ability to work both independently and as part of a larger team.

  • Ability to work smart under pressure and efficiently on multiple projects simultaneously in a fast-paced environment where tight deadlines and unexpected complexities can crop up.

  • Motivated, positive attitude, and results-oriented.

In return, we offer you

A path towards your most rewarding career. Philips is growing its marketing capability enterprise wide. Succeeding in this market-based role in a complex environment will open many doors for your long term career, in other areas in Philips or otherwise. We also believe that we are at our best as a company when you are at yours as a person. Thus, we offer competitive health benefits, a flexible work schedule and access to local well-being focused activities.

Why should you join Philips?

Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 3 billion lives a year by delivering innovative solutions across the health continuum at http://www.philips.com/b-dam/corporate/corporateblog/2016/PhilipsChronicDisease_5.jpg . Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways.

To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page at http://www.philips.com/a-w/careers/healthtech/working-at-philips/working-at-philips.html on our career website, where you can read stories from our employee blog at http://www.usa.philips.com/a-w/our-people/life-at-philips.html . Once there, you can also learn about our recruitment process at http://www.philips.com/a-w/careers/healthtech.html , or find answers to some of the frequently asked questions at http://www.philips.com/a-w/careers/healthtech/faq.html .

Philips is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, and protected veteran or marital status.

As an equal opportunity employer, Philips is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact 888-367-7223, option 5, for assistance.
