We are seeking a highly motivated Senior Information Security Manager to lead the design, implementation, and oversight of our strategic security initiatives across IT, Integrated Supply Chain (ISC), and Operational Technology (OT) environments. While prior experience in OT security is a plus, strong IT security professionals eager to grow into the OT domain are encouraged to apply. In this pivotal role, you will protect sensitive data, ensure system integrity, and mitigate risks—all while ensuring compliance with regulatory requirements such as NIS2, HIPAA, EUMDR and FDA standards. **Key Responsibilities:** **Security Strategy & Risk Management** + Develop and execute a comprehensive IT and OT security strategy aligned with industry best practices. + Identify, evaluate, and mitigate security risks across IT, supply chain, and OT environments. + Drive Security Projects, Programs & Initiatives across different locations + Maintain regulatory compliance with HIPAA, FDA, and other relevant standards. **Security Architecture & Operations** + Design and maintain secure architectures for both IT and OT systems. + Implement and manage firewalls, IDS/IPS, and advanced security tools such as Nozomi Guardian + Define and enforce security frameworks and policies specific to supply chain technologies. **Incident Response & Threat Management** + Develop and lead end-to-end incident response plans and security playbooks. + Conduct regular risk assessments and implement remediation strategies with minimal operational disruption. + Perform threat modeling (e.g., STRIDE, PASTA, DREAD) and simulate cyberattacks to test resilience. + Utilize the MITRE ATT&CK framework to analyze adversarial behavior and implement countermeasures. **Compliance & Governance** + Partner with service owners to continuously improve technical and administrative security controls. + Define, monitor, and report on key security metrics and KPIs. + Collaborate with the **Philips Security Office** and broader governance teams to align initiatives and drive continuous improvement. **Vendor & Stakeholder Engagement** + Lead supplier security assessments and ensure compliance with enterprise and regulatory standards. + Promote security awareness and deliver training across internal teams and external partners. + Serve as a trusted advisor to stakeholders on evolving threat landscapes and proactive defense strategies. **You're the right fit if you have:** + Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field. + 8+ years of experience in cybersecurity, with proven leadership in enterprise environments. + Knowledge of OT security is preferred but not mandatory—willingness to learn and adapt is key. + Strong experience with security tools, frameworks, and standards. + Excellent communication skills, with the ability to influence across all levels of the organization. **How we work together:** We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations. This role is an office-based role. **About Philips** We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others. + Learn more about our business **here** **.** + Discover our rich and exciting history **here** **.** + Learn more about our purpose **here** **.** If you're interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our commitment to diversity and inclusion **here**. \#LI-EU