Philips Senior Security Training & Awareness Manager in Eindhoven, Netherlands

Security Awareness Manager

Scope, purpose and nature of rôle

The Security Awareness Manager (SAM) is responsible for developing and delivering strategies and plans to raise the general level of awareness of information security through the organization, and to provide additional, more detailed/specific information security training where relevant. The SAM reports to the Head of Operational Excellence and is closely aligned with other corporate functions such as Human Resources, Corporate Communications, Philips University and Information Technology. The job may involve liaison with or management of third party suppliers of awareness and training materials and services. While this is a management rôle, the SAM is expected to develop and deliver awareness and training materials in person, hands-on, as well as through online Learning Management Systems, other teachers/trainers, and the corporate intranet.

The SAM is overall responsible for our security awareness and education program. Ultimately this job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security requirements and behave in a secure manner.

Our Security Awareness Program Requirements

Ensure that our security awareness program meets all industry regulations, standards, and compliance requirements. Ensure that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them. Identify the top human risks to our organization and the behaviors we need to change to mitigate those risks. Develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization. Create a positive program that engages employees, to include focusing on changing behaviors both at home and at work. Ultimately we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using. Assure Awareness Deliverables per Program/Market/Business/Function are delivered on time in full to enable a leader-led transformation, escalating when appropriate Structure and maintain this program to be long term, so ultimately we are not changing just behaviors but culture. Perform awareness program impact analysis and localization creating transparency on change effort anticipating risks and road-blocks. Create a metrics framework that can effectively measure these requirements.

Skills and Experience

  • Ability to form complex ‘communications / messages’ in a simple, clear and concise manner to the various communities within our organization. This can include different cultures, nationalities, international locations and languages.

  • Project management experience, the ability to plan, manage and maintain a complex, organization wide program over the longer term.

  • Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the ‘human factors’ risk.

  • Ability to communicate with and coordinate the activities of others.

  • Understanding of the concepts of information risks and the different elements that make up risk. In addition have at a minimum a basic understanding of the different concepts of information security.

  • Lead Change: Constantly challenge the status quo creating and supporting the transformational vision for meaningful long term success

  • Drive Operational Excellence: challenges the organization to strive towards Lean Thinking

Distinguishing characteristics of the ideal candidate

The following personal characteristics are high on our wish-list:

  • A sociable, likeable “people person” who gets on well with colleagues;

  • Creative and innovative, bright and sparky;

  • A capable professional communicator, able to research, prepare and deliver high quality, clearly-written communications and awareness materials;

  • Proactive and self-motivated, willing to take the lead on security awareness activities, developing and delivering to a well-thought-out strategy and plans;

  • Confident and professional in relation to information security, with the knowledge and experience to exude competence and a passion for learning.

Relevant qualifications, skills and experience

The following are considered relevant and desirable for the SAM rôle:

  • Awareness and training: demonstrable experience as a team member, team leader, manager, teacher or trainer responsible for awareness activities – ideally on information security otherwise similar technical training/adult education;

  • Other aspects : exposure to and familiarity with relevant standards , information risk management methods and tools plus relevant laws .CG level 70, reports directly to Head of Operational Excellence, Philips Group Security

In this role, you have the opportunity to

Keep Philips and its customer safe. You will change the mindset of the whole Philips organization and raise awareness to the importance of information security. The Security Awareness Manager is responsible for our security awareness and education program. Ultimately, this job is to reduce risk to our organization by ensuring all employees, staff and contractors know, understand and follow our security requirements and behave in a secure manner.

You are responsible for

  • Developing and delivering awareness and training materials in person, hands-on, as well as through online Learning Management Systems, other teachers/trainers, and the corporate intranet.

  • Ensuring that our security awareness program meets all industry regulations, standards, and compliance requirements

  • Identifying the top human risks to our organization and the behaviors we need to change to mitigate those risks. You will develop and maintain a security awareness program that effectively changes these behaviors so our employees act in a secure manner, reducing the most risk to our organization

  • Creating a positive program that engages employees, to include focusing on changing behaviors both at home and at work.Ultimately, we want our employees to demonstrate the same secure behaviors regardless of where they are or the devices they are using

  • Structuring and maintaining this program to be long term, so ultimately we are not changing just behaviors but culture.

  • Performing awareness program impact analysis and localization creating transparency on change effort anticipating risks and road-blocks

  • Creating a metrics framework that can effectively measure these requirements

  • Ensuring that our security awareness program communicates our security policies and requirements so that people know, understand and can follow them

You are a part of

The Security Awareness manager reports to the Head of Operational Excellence and is closely aligned with other corporate functions such as Human Resources, Corporate Communications, Philips University and Information Technology. The job may involve liaison with or management of third party suppliers of awareness and training materials and services. You will report directly to Head of Operational Excellence for Group Security and you will collaborate closely with him.

To succeed in this role, you should have the following skills and experience

  • Multiple years’ experience as change manager in a multinational organization with demonstrated successful implementation of behavioural and cultural changes.

  • Project management experience, the ability to plan, manage and maintain a complex, organization wide program over the longer term.

  • Both knowledge and practical experience using change management models such as Lewin’s change management model, The McKinsey 7-S model, Kotter’s theory or Nudge theory

  • A capable professional communicator, able to research, prepare and deliver high quality, clearly-written communications and awareness materials

  • Understanding of the concepts of information risks and the different elements that make up risk. In addition, have at a minimum a basic understanding of the different concepts of information security.

  • Display practical knowledge of different message distribution techniques to ensure end user communities understand and continually apply the required behavioral change necessary to reduce the ‘human factors’ risk

In return, we offer you

The chance to step into a new and exciting role and organization. The chance to contribute to a cultural change. A global role where you have the opportunity to lead the way and shape the security awareness strategy.

Why should you join Philips?

Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 3 billion lives a year by delivering innovative solutions across the health continuum at http://www.philips.com/b-dam/corporate/corporateblog/2016/PhilipsChronicDisease_5.jpg . Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways.

To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page at http://www.philips.com/a-w/careers/healthtech/working-at-philips/working-at-philips.html on our career website, where you can read stories from our employee blog at http://www.usa.philips.com/a-w/our-people/life-at-philips.html . Once there, you can also learn about our recruitment process at http://www.philips.com/a-w/careers/healthtech.html , or find answers to some of the frequently asked questions at http://www.philips.com/a-w/careers/healthtech/faq.html .