3 - 5 Years
Product Security Officer
In this role, you have the opportunity to
The Product Security Officer (PSO) will be responsible for advancing the practice of product security design and development across Business Units.
The role will require influence and leadership through collaboration with GM and R&D Engineering & Development teams.
Our goal is to ensure that our product development teams maximize economic value, design secure products, optimize product security features, performance, manufacturing costs and time to market as we bring life-saving products and services to the world with outstanding quality, security and reliability.
When applicable, the PSO will manage functional reports (Product Security Leads) within various BU locations.
You are responsible for
Identify risks throughout the Idea-to-Market (I2M) process and work with other teams as necessary to provide mitigation and cost/benefit analysis.
Ensure customer security requirements are being addressed within our products.
Support business initiatives by providing solutions based on standard methodologies, regulatory and customer requirements.
Support the development of risk mitigations and control plans for the product in the Business.
Develop Risk and Benefits Cost analysis to present to the Product/Program Manager.
Ensure that all penetration testing, vulnerability assessments and fuzz testing are completed.
Conduct PSRA (Product Security Risk Assessments) for BU (Business Units).
Perform Product Security Audit and Compliance activities.
Reporting on business specific Key Performance Indicators.
Work with Product Managers, Field Marketing, Services and Sales to collaborate on Product Security topics, incident response and customer complaints.
Work with Quality and Regulatory on Product Security process and procedures in QMS (Quality Management System)
Support the Product and Security Services Office to drive security standards throughout the business.
Champion the importance of product security during the life cycle of products. Develop/tailor and conduct information security training for product managers, program managers and architects.
Monitor and communicate emerging security requirements as potential policy and guidance; work with the various internal business and product security teams as needed.
Maintain certifications for ISO 27001 and NEN 7510 and manage compliance with other (international) guidelines for information security such as ISO 27002, NEN 7512 & NEN 7513, and RMF for DoD IT.
Maintaining the business continuity/disaster recovery plan.
To succeed in this role, you should have the following skills and experience
Technical Bachelor’s degree in Computer Science, Engineering, or Biotechnology required.
MBA or Master’s degree (preferred).
Minimum of 6 years in product security or risk management.
CISSP/CISM preferred.
Experience in Incident handling and response
Experience in designing software development products using SDLC (i.e., Agile, DevOps)
Experience working in a large global organization.
Experience in Health information security management (ISO 27799, ISO/IEC 80001, RMF for DoD IT)
A comprehensive knowledge of ISO 27001, NIST 800-53 R4, ISO 9001, NEN 7510, NEN 7512 and NEN 7513.
Familiarity with laws and regulations on privacy, data protection, and breach notification (95/46/EC, HIPAA, FDA, ISO/TS 14265, 21CFR820, SB1386, etc.).
Domain specific standards and approaches on privacy and product security (DICOM, IHE)
Understanding of Windows and Linux operating systems and networking required.
An extensive knowledge of the General Data Protection Regulation (GDPR) and international privacy legislation (including HIPAA).
In return, we offer you
A path towards your most rewarding career! We will support your personal and professional development with the opportunity to further advance your career in a company that believes in offering its employees the challenges and opportunities they need to grow professionally and personally.
We also believe that we are at our best as a company when you are at yours as a person! Thus, we offer competitive health benefits, a flexible work schedule and access to local well-being focused activities.
Why should you join Philips?
Working at Philips is more than a job. It’s a calling to create a healthier society through meaningful work, focused on improving 2.5 billion lives a year by 2030 by delivering innovative solutions across the health continuum. Our people experience a variety of unexpected moments when their lives and careers come together in meaningful ways. Learn more by watching this video.
To find out more about what it’s like working for Philips at a personal level, visit the Working at Philips page on our career website, where you can read stories from our employee blog. Once there, you can also learn about our recruitment process, or find answers to some of the frequently asked questions.
Philips is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, genetic information, creed, citizenship, disability, and protected veteran or marital status.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
If you have any other questions regarding the recruitment process please refer to our FAQs. In case of technical difficulties with the website, please send an email to firstname.lastname@example.org. (Note: To ensure fairness and legal compliance in our recruitment processes, only technical issues will be monitored through the above inbox. Please do not submit resumes or applications to this email, as they will not be reviewed. Only applications received through the online application process will be considered.)