Philips
Regional Information Security Analyst (Freelance)
The regional information security analyst will proactively work with the regional & local information security officers across major Philips markets to support application security remediation efforts. She/he will support the regional information security team in internal coordination, analysis and reporting related to remediation of security findings for 300+ critical applications. He/she will connect with the compliance lead to embed and operationalize remediation reporting efforts within the compliance monitoring platform. The analyst will also support the regional information security team on analysis, collaboration and reporting of business engagement topics across various information security domains such as information protection, identity and access management, vulnerability management etc. Next to this the information security analyst might also be required to investigate any governance related topics that might arise and align these with the appropriate regional/local information security officer. This role has a functional need to cover global time zones, the person is expected to be flexible w.r.t office hours intermittently? 7:00 ? 19:00 CET hrs. A strong risk & compliance experience with multinational companies of similar size & complexity is required. Good analytical, communication, reporting and stakeholders skills are essential for this role. ?Getting it done? mentality is key. Having an international mindset and outlook is necessary.
Travel: 5-10 % local travel in Netherlands to key Philips locations [ e.g. Amsterdam, Best, Drachten] only when required.
Team: The analyst will be a part of the regional information security team and supervised by regional information security officer, EMEA.
Qualifications/Skills:
- 5+ years in product/information security or risk management and/or related functions in IT (such as IT audit, IT Risk Management and IT Compliance
- A master's degree or equivalent combination of education and work experience
- Good working knowledge of ISO27001/2 and other cybersecurity frameworks
- Qualifications such as CISM, CISSP, CISA, or CRISC is a plus;
- Experience in senior management / compliance reportin
- Experience working in a large global organization
- Practical experience in highly regulated environment (FDA, SOx, Export, Privacy/GDPR, HIPAA)
- Good communication skills, English language both verbally and in writing MUST be very good
- Pro-active attitude. Not afraid to ask further if answers are not given.
- Out of box thinking and drive to be efficient and self-motivated with minimal supervision.
- Someone who has an experience of how IT operates in a global context and is able to deal with complexities to achieve the required goals.