Sr. Information Security Manager

Job Description

You are part of the Enterprise IT ISC Security team, working closely with supply chain business leaders and business contacts at manufacturing sites and warehouse/distribution centers.

Your role is to:

• Develop and implement comprehensive OT security strategies that align with industry best practices and regulatory requirements.
• Identify OT vulnerabilities and perform remediation without causing system unavailability.
• Deploy Firewalls to segment OT systems from other standard IT environments.
• Define Security Policy Framework customized for Supply Chain Technologies
• Identify appropriate tools/solutions in the areas of inventory collection, vulnerability management, antivirus, endpoint detection and response.
• Develop and maintain robust ISC security controls to protect Philips business from security breaches/incidents.
• Hands-on experience in designing and deploying multiple OT IDS solutions.
• Experience with handling well-known OT technologies - Nozomi Guardian, Claroty and Microsoft Defender for IoT (CyberX).
• Experience in conducting risk assessments, and maturity assessment for OT systems and products to identify and prioritize security threats and weaknesses.
• Evaluate new cybersecurity threats and IT trends and develop effective security controls.
• Establish regular governance with service owners to review security control status.
• Liaison with Philips Information Security Office in driving the security Improvement Program.
• Define and report on information security KPIs.
• Analyze the application end-to-end, prepare threat modelling (STRIDE, PASTA & DREAD) based on different risk scenarios, and drive to fix those risks.
• Prepare security use cases/functional requirements that new solutions must meet. Validate that those requirements are met when the solution is delivered.
• Perform defensive/offensive assessments on the IT environment/applications to simulate attacks by real threat actors.
• Perform attack pattern analysis based on MITRE Attack framework and support solution development to address the pattern.
• Understanding of SOC operations and Splunk is preferred.

You're the right fit if you have:

• Bachelor’s or Master’s degree in Information Technology and or commensurate experience in delivering security solutions.
• Overall Enterprise IT Security experience of 12 yrs or more.
• Security Certifications such as CISSP, CISM, CISA, CIPP etc. preferred
• Excellent English language communication skills, both verbal and written. Cross-cultural etiquette, customer-centric and collaborative mindset.
• Works autonomously within established procedures and practices.
• Good command of stakeholder management, judgement, conflict resolution, risk & mitigations.
• Provides leadership to the global team at strategic, tactical, and operational levels
• Maintains current knowledge of industry and regulatory trends and developments for enterprise technology.
• Specialized in a number of Security domains such as incident response, operational assessment of security posture, and general security management.
• Thorough understanding of Security Management principles, Security governance principles
• Good knowledge of MITRE Framework, IEC 62443/NIST 800:23/

How we work together

We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.

This role is an office-based role.

About Philips

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.

“Working at Philips is more than a job. It's an experience filled with unexpected moments that will transform you in lasting and positive ways. Help us improve the world for the better while building a career that no one could have planned for. Even you.” Philips Team