Philips Group Information Security is responsible for the protection of confidentiality, integrity and availability of Philips information assets, Philips Group Information Security is part of Philips Group Security, reporting to the CFO of Philips. We are on an exciting journey to build and improve a risk-based information security culture for our organization. You could be a part of this journey!
You will report to the Sr. Director of Governance, Risk and Compliance, functionally to the Regional Information Security Officer.
Teaming up is far more important than formal reporting structures, so you will work in multi-disciplinary teams to achieve the best and most innovative results, some of these teams include policy integration, risk management, supplier security, projects and operational security.
You will functionally lead other information security managers linked to the region.
You are responsible for the compliance to the Information Security Management Framework and the under lying policies, procedures, guidelines & standards. The team drives and supports self-assessment which in future will need to be done by existing Philips Business Units, it also will perform audits on the longer term. As we are growing at a very fast pace, we are looking for talent to strengthen our team!
Within our global network, you will have the opportunity to be working with colleagues from all over the world that are as passionate about what they do, as you are! Our locations are China, Singapore, India, Germany, Netherlands and USA.
Working at Philips means driving your career in an organization with an incredible diversity of nationalities, skills, backgrounds, functions and challenges.
Being responsible for developing a security culture in such a diverse and global organization will offer you the opportunity to put your experience to the test, empower, correct and consistent use of policies & standards within Philips..
Your challenge will be to really make an impact and drive organizational change throughout the organization, where security is not seen as a compliance nuisance but as something core to every individual’s responsibilities.
Be a specialist on the Philips policies, processes and risk management designs and drive and support compliance and policy implementation for your assigned areas/business units
Develop medium term policy for your assigned Philips units and/or regions/countries into a roadmap, including your level of engagement with our businesses.
Find solutions to overcome non-compliance based on sound risk management.
Be a recognized authority on information security by our businesses and team up with the various disciplines to effectively achieve goals together.
Builds actively networks, inside and outside the company in relation to the specialism of compliance and assessment methodologies
Support and guide the creation, approval, and embedding of security policies adaptions, standards.
Help Philips Business in making their own information security assessments and sample assessments in order to audit compliance, report on compliance.
Support projects in their communication and stakeholder management where required
Support localize security awareness & training (Training and Awareness material is generated by a separate team)
Establish and deliver centralized reporting within Philips and to the business markets on the effectiveness of the security function and its performance against strategic objectives
Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.
Supports the supplier security team when it comes to local contracting or other supplier related work if required
Supports with embedding Information Security (e.g. ISMS, client requirements, Technical Baselines) within delivery execution.
Reviews Technical Baseline Assessment and supports creation and execution of resulting Compliance Action Plans
What We Are Looking For[
At least 5 years of relevant work experience in (information security) risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)
Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
Experience in a global company in matrix like organizational settings is preferred.
Information security management or audit qualifications such as CISM, CISSP, CISA, or CRISC; will be a plus.
Practical experience in highly regulated environment (FDA, SoX, Export, Privacy/GDPR, HIPAA)
Experience in building teams & relationships, communicating and coordinating with (sr.) stakeholders, being absolutely trustworthy with high standards of personal integrity
In-depth Information Security knowledge & understanding
Project Management Experience & Skills and good working knowledge of AGILE and LEAN
Fluent in Japanese and English
Act and decide towards intended and agreed results
Customer First attitude
Strong business and interpersonal skills.
The ability to analyze, understand, and explain the value proposition of security initiatives to mid-level business and market leaders.
You will be a change agent, able to recognized as a highly credible resource.
Must be self-motivated, highly organized, articulate, and possess excellent verbal and written communication skills.
【就業時間】9:00-17:30 休憩時間： 原則として12:00～13:00
【給与】月給 85万円～120万円 （管理職手当を含む）＊ただし、ご経験等を考慮の上決定