Philips
Senior Information Security Consultant
As a Sr. Information Security Consultant, you are an expert in the field of information security and responsible for managing activities related to securing Philips enterprise information at a new acquisition. You will work across various environments, markets and business teams to maintain and expand on our world-class security capabilities and culture. Your focus will be implementing sound repeatable controls for maintaining compliance with Philips Security Management Framework.
General
- Support information security awareness, training and education programs.
- Support the creation, approval and embedding of information security processes that are in alignment with Philips policies and standards.
- Establish and deliver centralized reporting on the effectiveness of the information security function and its performance against strategic objectives.
- Report to the regional security leader while coordinating with various subject matter experts within Group Security and IT to accomplish your goals.
Information Security
- Become familiar with the Philips Security Management Framework (ISO 27001/27002).
- Drive and support compliance/policy/risk reviews for your assigned business units.
- Coordinate within the business unit to identify and implement improvement opportunities across data protection, logical access control, threat management, secure foundation, and governance.
- Implement/support data classification.
- Support DLP rollout, as needed.
- Support IAM/PAM plans/implementation, as needed.
- Support anti-malware rollout, as needed.
- Implement/assist with access control procedures and entitlement reviews.
- Implement/validate incident response plan and coordinate integration with Philips processes.
- Review logging and monitoring capabilities and coordinate integration with Philips processes.
- Perform and assist with Philips internal application security assessments.
- Collect/implement inventory of third-party service providers and coordinate with Supplier Security team.
- Lead manufacturing maturity assessment including implementation and management of Industrial Cyber Security best practices.
- Conduct internally performed risk assessments, provide responses and coordinate action plans with regional leadership.
- Support embedding Information Security within internal operations and over various environments.
- Support vulnerability tracking and remediation as needed.
Education/Skills and Experience Requirements:
- Bachelor of Science degree or equivalent combination of education and work experience
- Minimum of 5-7 years in information security or risk management or related functions (e.g. IT audit, IT Risk Management and IT Compliance)
- Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
- Information security management or audit qualifications such as CISM/CISSP/CISA/CRISC
- Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting
- Familiar with Information Security Management Systems (ISO/IEC 27001). Experience in health information security management (ISO 27799, ISO/IEC 80001, DIACAP)
- Familiar with laws and regulations on privacy, data protection, and breach notification (95/46/EC, HIPAA, FDA, ISO/TS 14265, 21CFR820, SB1386, etc.)
- Practical experience in highly regulated environment (FDA, SOX, Export, Privacy/GDPR, HIPAA)
- Experience working in a large global organization
- Strong interpersonal skills: communication, presentation, ability to influence and lead
- Motivated, positive attitude, and results-oriented
- Willingness to travel as needed