Sr. Information Security Manager

You will be responsible for developing, implementing, and overseeing a strategic security plan for the Information Technology (IT), Integrated Supply Chain (ISC), and Operational Technology (OT) environments. Your role is critical in protecting sensitive data, ensuring system integrity, and mitigating risks while maintaining compliance with industry regulations.

Your Responsibilities:

1. Security Strategy & Risk Management
2. Develop and execute a comprehensive IT & OT security strategy aligned with industry standards.
3. Identify, assess, and mitigate security risks across the supply chain and operational environments.
4. Ensure compliance with regulatory standards (e.g., HIPAA, FDA).

1. Security Architecture & Operations
2. Design and maintain a secure architecture for IT and OT environments.
3. Deploy firewalls, IDS solutions, and security tools (Nozomi Guardian, Armis, Claroty, Microsoft Defender for IoT).
4. Establish and enforce a security policy framework for supply chain technologies.

1. Incident Response & Threat Management
2. Develop and lead incident response plans to handle security threats.
3. Conduct risk assessments and implement remediation plans without disrupting operations.
4. Perform threat modeling (STRIDE, PASTA, DREAD) and cyberattack simulations to strengthen defenses.
5. Analyze attack patterns using the MITRE ATT&CK framework and develop countermeasures.

1. Compliance & Governance
2. Work with service owners to review and improve security controls.
3. Define and track security KPIs to measure effectiveness.
4. Collaborate with Philips’ Security Office to drive continuous security improvements.

1. Vendor & Stakeholder Management
2. Conduct security assessments of suppliers to ensure compliance with security standards.
3. Train employees and stakeholders on security best practices to foster a culture of security awareness.

You're the right fit if you have:

• Bachelor’s or Master’s degree in Information Technology or equivalent experience in delivering security solutions.
• 12+ years of enterprise IT security experience.
• Security certifications such as CISSP, CISM, CISA, CIPP are preferred.
• Excellent English communication skills, both verbal and written, with a cross-cultural, customer-centric, and collaborative mindset.
• Ability to work autonomously within established procedures.
• Strong stakeholder management, judgment, conflict resolution, and risk mitigation skills.
• Leadership experience in a global team at strategic, tactical, and operational levels.
• Current knowledge of industry and regulatory trends for enterprise technology.
• Specialization in security domains such as incident response, security posture assessment, and security management.
• Thorough understanding of Security Management and Governance principles.
• Good knowledge of the MITRE Framework, IEC 62443, NIST 800 standards.

Why Join Us?

• Make a significant impact by securing global supply chain operations.
• Work with leading cybersecurity tools in a dynamic environment.
• Collaborate with top security experts to drive innovation and protection.

If you’re passionate about IT & OT security, compliance, and safeguarding critical infrastructure, we’d love to hear from you!

How we work together:

We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence at the company’s facilities. Field roles are often outside the main facilities, at customer or supplier locations.

This role is an office-based position.

#LI-EU