This opportunity is for a Security Awareness and Behavior Change Specialist.
In this role, you are part of the People Security Office within Group Security, focusing on reducing human-related security risks in a healthcare organization. Traditional awareness programs have proven insufficient, so the position drives a shift toward a data-driven, evidence-based approach. Key responsibilities include identifying risk groups, delivering data-driven, targeted actions, and driving role-based awareness and training to effectively change behavior and mitigate security risks. You will play a critical role in safeguarding healthcare infrastructure against threats from hackers, organized crime, and nation-states by influencing human behavior and improving security culture.
Your role:
- Work collaboratively with various stakeholder groups, including the performance team, subject matter experts, and security officers, to identify, assess, and prioritize human behavior-related risks throughout the organization.
- Based on behavioral metrics (e.g., phishing simulation results, incidents, training completion, data handling and other behavioral analytics), offer support in delivering targeted interventions such as campaigns, nudges, webinars, role-based awareness, tailored engagements, micro-learning modules, etc. as applicable.
- Create compelling messages to drive data-driven engagements and enable the security officers to engage with senior leaders to foster a security-aware culture (especially from a “human risk” lens), turning employees from passive recipients of training into active, aware participants in the company’s security resilience.
- Monitor and report on the impact of interventions: track metrics, improvements, identify emerging risks, refine interventions accordingly.
- Lead the execution of compliance training and awareness programs, ensuring employees are well-informed about regulatory requirements and organizational policies to foster a culture of adherence and risk management.
- Integrate the latest leading practices for achieving operational excellence into compliance and risk management processes to enhance efficiency, effectiveness, and regulatory adherence across the organization.
- Act as a trusted adviser and thought partner to internal stakeholders and help them understand their human risk exposure and engage them in the mitigation actions.
You're the right fit if you have:
- Bachelor's/Master's degree in Information Security, Risk Management, Business Administration, Organizational Behavior, Communications and Change Management or equivalent.
- Minimum 2 years of experience with a Bachelor's degree in areas such as Security Awareness, Risk Management, Communication and Engagement, Change Management or equivalent.
- Strong communication and stakeholder management skills: able to engage with senior business/functional leads across regions, and drive collaboration.
- Ability to be a natural self-starter (go-getter), comfortable in a complex ecosystem with many stakeholders, able to drive initiatives end-to-end rather than waiting for tasks.
- Experience working in areas such as human/behavioral risk management in security is preferred, e.g., knowledge of security risks, behavior change, and security awareness best practices.
- Project-management skills to handle multiple parallel initiatives, track deliverables, monitor metrics.
- A data-driven mindset to use evidence and metrics to prioritize, evaluate and refine programs.
How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.
About Philips
We are a health technology company.