Sr. Information Security Manager

Job Title

Job Description

You will be responsible for developing, implementing, and overseeing a strategic security plan for the Information Technology (IT), Integrated Supply Chain (ISC) and Operational Technology (OT) environments. Your role is critical in protecting sensitive data, ensuring system integrity, and mitigating risks while maintaining compliance with industry regulations.

Your Responsibilities:

Security Strategy & Risk Management

• Develop and execute a comprehensive IT & OT security strategy aligned with industry standards.
• Identify, assess, and mitigate security risks across the supply chain and operational environments.
• Ensure compliance with regulatory standards (e.g., HIPAA, FDA).

Security Architecture & Operations

• Design and maintain a secure architecture for IT and OT environments.
• Deploy firewalls, IDS solutions, and security tools (Nozomi Guardian, Armis, Claroty, Microsoft Defender for IoT).
• Establish and enforce a security policy framework for supply chain technologies.

Incident Response & Threat Management

• Develop and lead incident response plans to handle security threats.
• Conduct risk assessments and implement remediation plans without disrupting operations.
• Perform threat modeling (STRIDE, PASTA, DREAD) and cyberattack simulations to strengthen defenses.
• Analyze attack patterns using the MITRE ATT&CK framework and develop countermeasures.

Compliance & Governance

• Work with service owners to review and improve security controls.
• Define and track security KPIs to measure effectiveness.
• Collaborate with Philips’ Security Office to drive continuous security improvements.

Vendor & Stakeholder Management

• Conduct security assessments of suppliers to ensure compliance with security standards.
• Train employees and stakeholders on security best practices to foster a culture of security awareness.

You're the right fit if you have:

• Bachelor’s or Master’s degree in Information Technology and or commensurate experience in delivering security solutions.
• Overall Enterprise IT Security experience of 12 yrs or more.
• Security Certifications such as CISSP, CISM, CISA, CIPP etc. preferred
• Excellent English language communication skills, both verbal and written. Cross-cultural etiquette, customer-centric and collaborative mindset.
• Works autonomously within established procedures and practices.
• Good command of stakeholder management, judgement, conflict resolution, risk & mitigations.
• Provides leadership to the global team at strategic, tactical, and operational levels
• Maintains current knowledge of industry and regulatory trends and developments for enterprise technology.
• Specialized in a number of Security domains such as incident response, operational assessment of security posture, and general security management.
• Thorough understanding of Security Management principles, Security governance principles
• Good knowledge of MITRE Framework, IEC 62443/NIST 800:23/

Why Join Us?

• Make a real impact by securing global supply chain operations.
• Work with leading cybersecurity tools in a dynamic environment.
• Collaborate with top security experts to drive innovation and protection.

If you’re passionate about IT & OT security, compliance, and safeguarding critical infrastructure, we’d love to hear from you!

How we work together:

We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.

This role is an office-based role.

#LI-EU