Posted on Oct 12th 2019

Supplier Security and M&A Security Officer Greater China


Full time






Job Title

Supplier Security and M&A Security Officer Greater China

Job Description

Philips is a global leader in health technology, committed to improving billions of lives worldwide and striving to make the world healthier and more sustainable through innovation, driven by the vision of a better tomorrow.

But it’s not just what we do, it’s who we are. We are 80,000, wonderfully unique individuals, with two things in common. An unwavering sense of purpose and a relentless determination to deliver on our customers’ needs. It’s what inspires us to create meaningful solutions – the kind that make a real difference – when it matters most.

The world and our customers’ needs are changing faster than ever before and while we are proud of what we do already, we know we can do more. That’s why we need you, to help us tackle increasingly complex challenges posed by ever evolving health and well-being needs.

In this role, you have the opportunity to make life better
Looking at the challenges the world is facing today, Philips’ purpose has never been more relevant. So whatever your role, if you share our passion for helping others, you’ll be working towards creating a better and fairer future for all.

You are responsible for

  • Identify, quantify and propose remediation for information security risks as part of the due diligence and/or integration phases of an acquisition and/or divestment process.

  • Team up to deliver threat profiles and valuable risk statements for risk-based decisions

  • Monitor security risks, controls, and compliance across Philips M&A related projects. Collect and record information security risks identified in acquisitions and feed them into the quarterly risk process and actionable improvements

  • Team up with Group Security colleagues and other workstreams to ensure smooth transitions (from Due Diligence to Post-Merger Integration (PMI) and from PMI to Business-as-usual)

  • Perform Vendor risk assessments, monitoring and management

  • Manage the vendor lifecycle, from due-diligence to termination

  • Identify and rank Vendor risks to the enterprise

  • Perform risk management in line with enterprise risk appetite and risk thresholds to effectively manage Security and Privacy risks

  • Identify controls needed to mitigate risks

  • Select and apply Security controls 

  • Establish and deliver centralized reporting on performance regarding operational and strategic objectives

  • Develop and maintain security standards and policies (vendor risk management)

  • Engage with suppliers in a complex environment

  • Perform Vendor due diligence investigations 

  • Audit/assessment engagements with suppliers

  • Develop and maintain appropriate (senior) stakeholder relationships

  • Manage non-strictly Legal aspects of contracting

  • Training and awareness on Supplier Security

You are a part of

both the China Security Team and the global Supplier and M&A team, and you will be working with both local and global Group Security peers to navigate this complex landscape, guided by global policies and standards. You will liaise with key China stakeholders in the business, market and functions and provide support and guidance on all matters related to Supplier Security. Within Mergers & Acquisitions (M&A) you will help identify and assess the project’s security risks as part of the cross-functional M&A project teams.

To succeed in this role, you’ll need a customer-first attitude and the following

  • Extensive experience (5+ years) in Vendor risk management and Information Security

  • Extensive strategic and tactical understanding of handling current policy issues

  • University degree in a relevant field of education, preferably Information Technology orientated or Business Administration

  • Excellent knowledge of information security standards such as ISO/IEC 27001, NIST Cybersecurity frameworks and assurance standards such as SOC2

  • CCSP/CCSK, CISM or CRISC certification is a prerequisite. CTPRP is a plus.

  • Practical experience in highly regulated environments is a plus (FDA, SOX, Export, Privacy/GDPR, HIPAA, as well as China based regulations such as MLPS, CBDT, PIPL)

  • Demonstrated ability to establish balanced, risk-based compliance management and reporting methods

  • Demonstrated ability to find pragmatic and creative solutions to business issues and provide concise and business-focused advice.

  • Experience in the creation and enforcement of security control mechanisms

  • Demonstrated ability to work in a fast-paced environment and to make sound judgments under tight deadlines

  • Excellent English language skills

  • Strong interpersonal skills – communication, presentation, ability to influence and lead

  • Motivated, positive attitude, and results-oriented

In return, we offer you

A path towards your most rewarding career with a high level of autonomy. We welcome you to a challenging, innovative environment with great opportunities for you to explore.

How we work at Philips
Our newly-adopted hybrid work concept fuses flexibility with collaboration to deliver great outcomes for our people and our customers. We are embracing an approach wherein we spend more time together than apart – which for full-time employees translates to an average of at least 3 days working from the office and up to 2 days from home – for our hybrid roles.
Hybrid work flexibility means people can meet the changing demands of work and home in the most balanced, productive, and healthy way.

Our hybrid working model is defined in 3 ways:
  • We believe in the importance of impactful collaboration: There's a certain energy when everyone’s in the same room that can heighten idea generation and creative friction needed for problem-solving.

  • We embrace flexibility: Choosing where, when and how to work can vary according to task and team schedules. Flexibility isn’t office or online, it means choosing the space that works best for you, your teams and our customers on a case-by-case basis.

  • We want to be at our best: The way we work and our workspaces are designed to support our well-being, offer career advancement opportunities, and enable us to be at our best.

Why should you join Philips?
Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on innovative, customer-first health technology solutions. Help us improve the health and well-being of billions of people, every year. Ultimately creating a career that no one could have planned for. Even you.




Over 125 years ago, Frederik and Gerard Philips started a small light bulb company in Eindhoven. Little did they realize that it would become a global force of innovation, committed to improving billions of lives worldwide. But it did. Today, Philips is a world-leading health technology company with a vision to make life better for people worldwide through meaningful innovation. Making good on this promise depends on our passionate, inspirational, collaborative and diverse team. We have over 80,000 brilliant people around the world but are always looking for more. Like-minded, motivated, focused minds to join us in creating a healthier, more connected society while transforming themselves personally and professionally. Working at Philips is more than a job. It's an experience filled with unexpected moments that will transform you in lasting and positive ways. Help us improve the world for the better while building a career that no one could have planned for. Even you.



