
Job Information
Philips Information Security Officer R&D in Shenzhen, China
Philips is a global leader in health technology, committed to improving billions of lives worldwide and striving to make the world healthier and more sustainable through innovation, driven by the vision of a better tomorrow.
But it’s not just what we do, it’s who we are. We are 80,000, wonderfully unique individuals, with two things in common. An unwavering sense of purpose and a relentless determination to deliver on our customers’ needs. It’s what inspires us to create meaningful solutions – the kind that make a real difference – when it matters most.
The world and our customers’ needs are changing faster than ever before and while we are proud of what we do already, we know we can do more. That’s why we need you, to help us tackle increasingly complex challenges posed by ever evolving health and well-being needs.
In this role, you have the opportunity to make life better
Looking at the challenges the world is facing today Philips’ purpose has never been more relevant. So whatever your role, if you share our passion for helping others, you’ll be working towards creating a better and fairer future for all.
You are responsible for
Be an authority on the Philips Security Management Framework: policies (tactical level), processes and risk management designs. Drive and support compliance/policy/risk reviews for your assigned R&D departments.
Engage with R&D teams to identify improvement opportunities across secure foundation, information protection, secure access to business information/assets, threat/incident response capabilities and vulnerability mitigation.
Drive R&D departments on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.
Support the embedding of Information Security (e.g., ISMS, client requirements, Technical Baselines) within R&D department operations and various environments.
Ensure ‘security by design’ in relevant R&D and product development systems. Review and drive improvements in existing and new R&D and product development support systems.
Provide security consultancy towards R&D teams to ensure new initiatives are designed and executed according to security standards.
Assist business internal audits, and oversee and guide external audits related to relevant R&D and product development systems.
Direct an ongoing, proactive security risk assessment program so effective controls can be put in place for those areas presenting the greatest security risk in the R&D development area. Communicate risks, and recommendations to mitigate them, to senior management.
Be the single point of contact for all things Security for your assigned R&D departments.
You are a part of PIC.
Education/Skills and Experience Requirements:
A Master’s degree in Computer Science or equivalent combination of education and work experience
Minimum of 10 years in product/information security
Strong knowledge of and background in secure software development lifecycle management, SecDevOps, and associated tools such as TFS and GitHub, ideally with knowledge and practical experience of application development.
Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
Information security management or audit qualifications such as CISM/CISSP/CISA/CRISC
Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting
Familiar with laws and regulations on privacy, data protection, and breach notification, both international, such as HIPAA, FDA, GDPR, and Chinese, such as MLPS, CBDT and PIPL.
Experience working in a large global organization with practical experience in a highly regulated environment
Experience in Health information security and risk management (ISO 27799, ISO/IEC 80001, DIACAP) is a plus
Strong interpersonal skills – communication, presentation, ability to influence and lead
Self-motivated, positive attitude, and results-oriented
English fluency
Willingness to travel as needed
How we work at Philips
Our newly-adopted hybrid work concept fuses flexibility with collaboration to deliver great outcomes for our people and our customers. We are embracing an approach wherein we spend more time together than apart – which for full-time employees translates to an average of at least 3 days working from the office and up to 2 days from home – for our hybrid roles.
Hybrid work flexibility means people can meet the changing demands of work and home in the most balanced, productive, and healthy way.
Our hybrid working model is defined in 3 ways:
We believe in the importance of impactful collaboration: There's a certain energy when everyone’s in the same room that can heighten idea generation and creative friction needed for problem-solving.
We embrace flexibility: Choosing where, when and how to work can vary according to task and team schedules. Flexibility isn’t office or online, it means choosing the space that works best for you, your teams and our customers on a case-by-case basis.
We want to be at our best: The way we work and our workspaces are designed to support our well-being, offer career advancement opportunities, and enable us to be at our best.
Why should you join Philips?
Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on innovative, customer-first health technology solutions. Help us improve the health and well-being of billions of people, every year. Ultimately creating a career that no one could have planned for. Even you.