Information Security Lead jobs at Philips in China, Suzhou City

As the Information Security Lead, you will be responsible for developing, implementing, and overseeing a strategic security plan for the Information Technology (IT), Integrated Supply Chain (ISC) and Operational Technology (OT) environments. Your role is critical in protecting sensitive data, ensuring system integrity, and mitigating risks while maintaining compliance with industry regulations.

Security Strategy & Risk Management

Develop and execute acomprehensive IT & OT security strategyaligned with industry standards.

Identify, assess, and mitigatesecurity risksacross the supply chain and operational environments.

Ensure compliance withregulatory standards(e.g., HIPAA, FDA).

Security Architecture & Operations

Design and maintain asecure architecturefor IT and OT environments.

firewalls, IDS solutions, and security tools (Nozomi Guardian, Armis, Claroty, Microsoft Defender for IoT).

Establish and enforce asecurity policy frameworkfor supply chain technologies.

Incident Response & Threat Management

Develop and leadincident response plansto handle security threats.

risk assessmentsand implement remediation plans without disrupting operations.

threat modeling(STRIDE, PASTA, DREAD) andcyberattack simulationsto strengthen defenses.

Analyze attack patterns using theMITRE ATT&CK frameworkand develop countermeasures.

Compliance & Governance

Work with service owners toreview and improve security controls

Define and tracksecurity KPIsto measure effectiveness.

Security Officeto drive continuous security improvements.

Vendor & Stakeholder Management

security assessments of suppliersto ensure compliance with security standards.

security best practicesto foster a culture of security awareness.

You're the right fit if:

Bachelor’s or Master’s degree in Information Technology and or commensurate experience in delivering security solutions.

Overall Enterprise IT Security experience of 10+ years preferred.

Security Certifications such as CISSP, CISM, CISA, CIPP etc. preferred.

Should have senior level in the domain of Security & operations management

Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, lack of criminal convictions etc.), willing to undergo vetting and/or personality assessments to verify this if necessary

Typically a background in technical security roles or operations, with a clear and abiding interest in security

Works autonomously within established procedures and practices.

Good command on stakeholder management, judgement, conflict resolution, risk & mitigations.

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about .
• Discover .
• Learn more about .

Job title:

The Cyber Security Lead plays a critical role in ensuring the security of (system) software by driving architecture, design, analyses, testing, and maintenance to meet stringent security standards. This position directly impacts product security strategy, solutions direction, and customer experience. Leveraging state-of-the-art security techniques and best practices, the role focuses on delivering robust, high-quality, and secure digital solutions. Collaboration with internal stakeholders such as users, product owners, and development teams is essential to align requirements and implement necessary security modifications. Staying current with the latest developments in cybersecurity and regulatory compliance is central to the position.

1. Security Requirements and Risk Management

Define and manage security requirements and security-related requirements (requirements engineering) across all systems, including third-party components and services.

Perform holistic security risk management, addressing the entire product scope — from architecture to deployment.

Maintain and update security requirements in response to enhancement and change requests.

2. Security Testing and Documentation

Participate in the creation of test scenarios for security requirements and ensure comprehensive validation.

Verify the accuracy and completeness of Software Bill of Materials (SBOM) and MDS2 forms for software versions prior to launch, as well as after updates or patches.

3. Security Vulnerability Management

Investigate root causes of security vulnerabilities and define additional corrective and preventive measures.

Ensure that security-related patches and updates are reflected in documentation (e.g., SBOM, MDS2).

4. Secure Development Activities

Lead the design, coding, testing (including test automation), documentation, and deployment of secure software.

Provide technical expertise to support DevOps in deploying secure applications.

Participate in peer reviews and work in a pairing mode to improve the quality and robustness of designs and implementations.

6. Continuous Improvement and Knowledge Sharing

Stay updated with the latest advancements in cybersecurity, software craftsmanship, compliance regulations, and best practices.

Participate in knowledge-sharing initiatives, industry forums, and educational training programs.

Education and Experience

Bachelor’s degree in Software Engineering, Computer Science, or a related technical field with 8+ years of experience, or Master’s degree with 5+ years of experience.

Experience in medical device industry and knowledge of associated standards and regulations (e.g., FDA, ISO 13485, IEC 62304).

Technical Skills

Strong understanding of software security design, risk management, and compliance processes.

Proficiency in developing and maintaining secure software systems through DevSecOps practices.

Experience with security testing tools (e.g., static/dynamic code analysis tools, vulnerability scanners).

Familiarity with Lean/Agile/SAFe methodologies for software development.

Behavioral Skills

Innovation: Challenge requirements and identify creative solutions to enhance value.

Drives Results: Deliver high-quality results while leading complex security projects.

Problem-Solving and Resourcefulness: Resolve challenges with practical, scalable solutions.

Preferred Qualifications

Experience in cybersecurity for medical devices, regulated industries, or SaaS platforms.

Familiarity with telemetry tools and processes to improve security monitoring.

Certifications in cybersecurity such as CISSP, CEH, CSSLP, or equivalent.

Key Attributes of Success

To excel in this role, the Cyber Security Lead should demonstrate:

A deep understanding of end-to-end product security in highly regulated environments.

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about .
• Discover .
• Learn more about .

Your role:

• Project Leadership: Lead end-to-end performance improvement projects, from initial scoping and planning to implementation and post-implementation review.
• Continuous Improvement Execution: Apply Lean Six Sigma methodologies (VSM, Problem Solving, Kaizen, etc.) to identify and eliminate process inefficiencies.
• Data Analysis & Reporting: Collect, analyze, and interpret data to identify trends, root causes, and opportunities for improvement. Develop and present clear, concise reports on project progress and outcomes.
• Stakeholder Management: Collaborate with cross-functional teams and stakeholders to ensure project alignment and successful implementation.
• Coaching & Mentoring: Coach and mentor team members on continuous improvement principles and tools, fostering a culture of operational excellence.
• Daily Management & Problem Solving: Support and implement daily management and problem-solving activities within the CT ISC organization.
• KPI Management: Support the development and implementation of key performance indicators (KPIs) and monitor performance against targets.

Key Activities:

• Lead selected projects in the performance management domain, such as E2E productivity.
• Conduct Value Stream Mapping (VSM) workshops to identify and eliminate waste.
• Facilitate problem-solving sessions using root cause analysis techniques.
• Develop and implement process improvement plans.
• Track and report on project progress and performance metrics.
• Provide training and coaching on Lean Six Sigma tools and techniques.
• Consolidate and analyze data to identify trends and opportunities for improvement.

You're the right fit if:

• Bachelor's degree in Engineering, Supply Chain Management, or a related field.
• Minimum of 8+ years of experience in performance improvement, process optimization, or project management.
• Proven track record of successfully leading and delivering performance improvement projects.
• Strong expertise in Lean Six Sigma methodologies (certification preferred).
• Excellent project management skills, including planning, execution, and monitoring.
• Strong analytical and problem-solving abilities.
• Excellent communication, interpersonal, and leadership skills.
• Proficiency in data analysis and visualization tools (e.g., Excel, Power BI).
• Experience with Daily Management and Problem Solving execution and coaching.

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about .
• Discover .
• Learn more about .

Job title:

Monitor and Manage the execution of the end to end purchase to pay process, provide correct and timely bookings and reporting and coordinate activities between external provider and local organization. You will team up to excel - delivering an exceptionally high standard of service across our organization for employees at every stage of their career. You will closely work with our procurement colleagues to ensure and End to End approach of placing an order to paying an invoice.

Your role:

• Work closely with Global P2P Process Lead to monitor performance KPI, including the service delivered by external party (Infosys), find out the process gap
• Coordinate P2P process in Philips, liaising with Philips Businesses and 3rd party suppliers as of appropriate
• Manage/coordinate local accounts payable and expenses activities.
• Act as first point of contact for P2P related questions of 3rd parties or local organizations.
• Deliver relevant information for proper execution of the process by 3rd parties.
• Initiate and participate in projects or actions to improve the overall performance quality of the P2P process.
• Provide relevant reporting, validate data and analytics.
• Manage & develop direct employees within P2P. Ensure that staff has adequate knowledge, skills, behavior and motivation in order to perform their tasks and reach the targets.
• Assist the Global P2P Lead to structure P2P and support process improvement by innovation and harmonization in order to increase efficiency.
• Establish and realize improvements to achieve developmental goals and objectives.
• Responsible for managing the preparation and submission of required reporting consolidated.
• Responsible to keep staff knowledge in accordance to changes of legislation and IFRS.

You're the right fit if:

• 10+ years’ experiencein relevant position (not mandatory), with a Bachelor degree in Finance or Accounting

• Good understanding of F&A processes to handle methodologies and standard and non-standard situations (as a + working with outsourcing of accounting activities to 3rd party).

• Experience in IFRS accounting and book keeping in the international company (AP) is a must.

• Project management: development and deployment of new processes and procedures /integration of recently acquired activities.

• Experience in MS office applications (excellent command of MS Excel and Power Point is a must).

• Results and action-oriented team player with excellent interpersonal and communication skills across different levels of stakeholders and cultures.

• Pragmatic & logical thinker with an eye for detail and an analytical mind.

• Accurate, being able to react quickly, communicative.

• Experienced in managing multiple projects whilst adhering to strict deadlines.

• Understanding and experience with LEAN methodology (nice to have).

• Understanding of SAP is a must.

• Experience of supervising a team

• Good communication & collaboration skills

• Fluent in English & Chinese

• Qualified trainer is a plus

• Can work under pressure

Indicate if this role is an office/field/onsite role.
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about .
• Discover .
• Learn more about .