Product Security Officer - Wellcentive
Job Title: Product Security Officer – Wellcentive
At Philips, we believe people should be healthy, live well and enjoy life. We challenge ourselves every day to deliver on this promise and help solve the world’s most pressing health care concerns. We do this by developing innovative solutions across the continuum of care in partnership with clinicians and our customers to improve patient outcomes, provide better value and expand access to care.
Philips is looking for a product security officer to help us ensure the security of our Products and Services. This position is responsible for providing guidance, expertise and solutions to Wellcentive and H2H organizations. Specific job responsibilities include:
- Develop plans for the deployment of security tooling and solutions; perform security risk assessments; guide the businesses through the secure software development lifecycle within the Population Health Management Business Group. Provide clear guidance on reporting requirements. Implement metrics and monitoring of the solution.
- Develop and conduct solutions training for developers, engineers, system administrators, privileged users, product managers, customer support and operations.
- Participate in architecture and design of products and services, providing information security advice and reviewing proposed services, engineering changes, and feature requests for security implications and needed security controls.
- Verify that security requirements defined in the information system and product security plans (policies and procedures) are followed and protection measures are functioning as intended.
- Conduct product and services security risk assessments.
- Guide Service organizations in their management of the resolution of product security audit or assessment findings.
- Develop and implement product and information security policies, standards, guidelines and procedures.
- Handle security incidents and review risk and impact of breaches to protected systems.
- Oversee efforts to monitor for and evaluate the impact of vulnerabilities and threats to technologies used and co-ordinate remediation efforts.
- Lead development of threat models and oversee security penetration testing.
We are looking for
- Experience in the Healthcare sector.
- Experience working in a large global organization.
- Minimum 8 years of information security experience, including responsibility for the security of healthcare products and service infrastructure, with both management and operational experience.
- Experience with deployment of security solutions in the medical industry.
- Experience with patch management solutions.
- Experience with project management and leading complex projects.
- Security experience in all phases of product and service development lifecycle including architecture, design, development, testing, release, and operational maintenance.
- Incident management including detection and response.
- Experience with cloud computing security, network, operating system, database, application, and mobile device security.
- Vulnerability management and remediation.
- Attack and penetration testing of network infrastructure and web-based applications utilizing manual and automated tools.
- Experience with information security risk management, including conducting information security audits, reviews, and risk assessments.
- A diverse skill base in both product security and information security including organizational structure and administration practices, system development and maintenance procedures, system software and hardware security controls, access controls, computer operations, physical and environmental controls, and backup and recovery procedures.
- Detailed knowledge and experience in security and regulatory frameworks, specifically ISO 27001, and preferably NIST 800 series. Also knowledge of SOC2, FedRAMP, STAR, NIST 800-53, and HIPAA.
- Strong leadership, communication, mentoring, and interpersonal skills, as well as the ability to work with internal and external audiences.
Candidate must possess the ability to solve a wide range of complex technical problems, requiring ingenuity and innovation.
Required certifications: CISSP or SANS GSEC
Preferred certifications: CISA, CISM, ISSMP, CIPP
At Philips, we are driven by our mission to improve the lives of 3 billion people per year by 2025, and every day we move closer to achieving our goal by creating cutting-edge solutions that lead to confident diagnosis, improved care, and increased quality of life for patients. Thanks to our employees who share our passion for improving lives, we are at the forefront of the Healthcare industry leading in image guided interventions, ultrasound, patient monitoring, cardiology informatics, sleep therapy and respiratory care. Named one of the Top 50 Happiest Companies in America in 2013, we enable our employees to create a legacy in life through their work and support their development through people-centric learning, total rewards and personalized development planning programs.
Ready to start improving lives by putting your personal skills & passions to work?
Find out more info about Philips at www.philips.com/na/careers
Philips is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, protected veteran or marital status.
As an equal opportunity employer, Philips is committed to a diverse workforce. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veterans’ Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants that require accommodation in the job application process may contact 888-367-7223, option 5, for assistance.
In case of difficulties with your job application please send an email to [email protected]