Philips Information Security Lead 

China, Jiangsu, Suzhou City 

768755654

As the Information Security Lead, you will be responsible for developing, implementing, and overseeing a strategic security plan for the Information Technology (IT), Integrated Supply Chain (ISC) and Operational Technology (OT) environments. Your role is critical in protecting sensitive data, ensuring system integrity, and mitigating risks while maintaining compliance with industry regulations.

Security Strategy & Risk Management

Develop and execute acomprehensive IT & OT security strategyaligned with industry standards.

Identify, assess, and mitigatesecurity risksacross the supply chain and operational environments.

Ensure compliance withregulatory standards(e.g., HIPAA, FDA).

Security Architecture & Operations

Design and maintain asecure architecturefor IT and OT environments.

firewalls, IDS solutions, and security tools (Nozomi Guardian, Armis, Claroty, Microsoft Defender for IoT).

Establish and enforce asecurity policy frameworkfor supply chain technologies.

Incident Response & Threat Management

Develop and leadincident response plansto handle security threats.

risk assessmentsand implement remediation plans without disrupting operations.

threat modeling(STRIDE, PASTA, DREAD) andcyberattack simulationsto strengthen defenses.

Analyze attack patterns using theMITRE ATT&CK frameworkand develop countermeasures.

Compliance & Governance

Work with service owners toreview and improve security controls

Define and tracksecurity KPIsto measure effectiveness.

Security Officeto drive continuous security improvements.

Vendor & Stakeholder Management

security assessments of suppliersto ensure compliance with security standards.

security best practicesto foster a culture of security awareness.

You're the right fit if:

Bachelor’s or Master’s degree in Information Technology and or commensurate experience in delivering security solutions.

Overall Enterprise IT Security experience of 10+ years preferred.

Security Certifications such as CISSP, CISM, CISA, CIPP etc. preferred.

Should have senior level in the domain of Security & operations management

Absolutely trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, lack of criminal convictions etc.), willing to undergo vetting and/or personality assessments to verify this if necessary

Typically a background in technical security roles or operations, with a clear and abiding interest in security

Works autonomously within established procedures and practices.

Good command on stakeholder management, judgement, conflict resolution, risk & mitigations.

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about .
• Discover .
• Learn more about .