Posted on Oct 12th 2019

Information & Product Security Officer


Full time



Posted on Oct 12th 2019


Full time



Job Title

Information & Product Security Officer

Job Description

In this role, you have the opportunity to

As Information & Product Security Officer, you are the leading responsible expert in your designated business, market and functions for all activities related to information and products & services security, both internally within the Enterprise, and for the products and services we deliver to our customers.

The Information & Product Security Officer works across various environments, markets and business teams to maintain and expand a world-class capability and culture around information & product security and ensures that formal regulations and certifications are kept up to date and adhered to

You are responsible for

  • General:
  • Support/localize information & product security awareness, training and education programs.
  • Supports, creation, approval and embedding of information/product security policies, adaptions, standards.
  • Establish & deliver centralized reporting within Philips and to the business markets on the effectiveness of the information & product security function and its performance against strategic objectives.
  • Aligns with the supplier security team on information & product security issues related to Philips suppliers/partners/3rd party ecosystems.

  • Product & Services Security:
  • Creating products & services security strategies, both short-term and long-range, in support of the business goals.
  • Identify product/services security requirements throughout the Idea-to-market (I2M)/ Product Development Lifecycle Management and work with other teams as necessary to provide mitigation and cost/benefit analysis.
  • Directing an ongoing, proactive product & services security risk assessment program so effective controls can be put in place for those areas presenting the greatest information security risk. Communicating risks and recommendations to mitigate risks to the senior management
  • Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security.
  • Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets.
  • Creating products & services security strategies, both short-term and long-range, in support of the business goals.

  • Information Security:
  • Be an authority on the Philips Security Management Framework: policies (tactical level), processes and risk management designs. Drive and support compliance/policy/risk reviews for your assigned market areas/business units.
  • Engage with business, markets and functions to identify improvement opportunities across secure foundation, information protection, secure access to business information/assets , threat/ incidents response capabilities and vulnerabilities mitigation.
  • Help Philips businesses and markets in making their own information (application) security assessments and sample assessments in order to audit compliance and report on compliance.
  • Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.
  • Support the embedding of Information Security (e.g. ISMS, client requirements, Technical Baselines) within business/markets/ functions operations and various environments.

    You are a part of

    Security team. You will base in Shanghai and report to Regional Information Security Officer APAC,.

    To succeed in this role, you should have the following skills and experience

  • A Master’s degree or equivalent combination of education and work experience
  • Minimum of 10 years in product/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)
  • Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
  • Information security management or audit qualifications such as CISM/ CISSP/ CISA/ CRISC
  • Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting
  • Experience in Health information security and risk management (ISO 27799, ISO/IEC 80001, DIACAP)
  • Familiar with Laws and regulations on privacy, data protection, and breach notification, such as HIPAA, FDA, GDPR, ISO/TS 14265, 21CFR820 and equivalent China Cyber Security Laws (CPCS, CBDT, CII).
  • Domain specific standards and approaches on privacy and product security (DICOM, IHE)
  • Experience working in a large global organization with practical experience in a highly regulated environment
  • Strong interpersonal skills – communication, presentation, ability to influence and lead
  • Self-motivated, positive attitude, and results-oriented
  • English fluency
  • Willingness to travel as needed

    In return, we offer you

    A path towards your most rewarding career. Philips is growing its marketing capability enterprise wide. Succeeding in this market-based role in a complex environment will open many doors for your long-term career, in other areas in Philips or otherwise. We also believe that we are at our best as a company when you are at yours as a person. Thus, we offer competitive health benefits, a flexible work schedule and access to local well-being focused activities.

    Why should you join Philips?

    Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 3 billion lives a year by delivering innovative solutions across the health continuum. Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways. Learn more by watching this video.

    To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page on our career website, where you can read stories from our employee blog. Once there,you can also learn about our recruitment process, or find answers to some of the frequently asked questions.


If you forgot your password, you can click the Forgot Password  button on the Sign In screen to reset it. 

If you have any other questions regarding the recruitment process please refer to our FAQs. In case of technical difficulties with the website, please send an email to 
(Note: To ensure fairness and legal compliance in our recruitment processes, only technical issues will be monitored through the above inbox. Please do not submit resumes or applications to this email, as they will not be reviewed. Only applications received through the online application process will be considered.)




Over 125 years ago, Frederik and Gerard Philips started a small light bulb company in Eindhoven. Little did they realize that it would become a global force of innovation, committed to improving billions of lives worldwide. But it did. Today, Philips is a world leading health technology company with a vision to make life better for people worldwide through meaningful innovation. Making good on this promise depends on our passionate, inspirational, collaborative and diverse team. We have over 80,000+ brilliant people around the world but are always looking for more. Like-minded, motivated, focused minds to join us in creating a healthier, more connected society while tranforming themselves personally and professionally. Working at Philips is more than a job. It's an experience filled with unexcepted moments that will transform you in lasting and positive ways. Help us improve the world for the better while building a career that no one could have planned for. Even you.




* 我希望收到飞利浦工作提醒。 这是什么意思?


No similar jobs found