Job Description
Your Responsibilities
Senior member of a two-person team. Own the function and deliver on the expectations of this function
Establish a standards-based InfoSec risk management framework to conduct InfoSec risk assessments at a project and program level (new projects, infrastructural changes, application/product changes, third parties and internal control lists)
While conducting risk assessments, act as an advisor to business stakeholders, project managers and IT partners, both to educate them on risks to information assets and to point out mandatory standards and policies
Interpret technical threat and vulnerability assessments and translate them into risk statements that can be discussed with stakeholders
Maintain an updated register of all risk assessments, their results and constantly follow up on remediation activities
Have a customer service mentality that focuses on the needs of the customers. Show the value of the risk management service provided without compromising the core principles of InfoSec
Display correct judgment during times of chaos and ambiguity
Ensure comprehensive updates and reporting to higher Information Security Management
Lead and contribute practically in key projects, ensuring their compatibility with the strategic direction
Your Team
You will report directly to the Head of InfoSec Risk Monitoring & Management of Philips Lighting. You will be the senior member of a two-person team that is responsible for performing risk assessments, analyzing risks and advising on risk treatments. This group will work very closely with IT and Business stakeholders such as IT Compliance, IT Delivery, Operational readiness, Business executives, Project leads, etc.
We are looking for:
Candidates who share our passion to improve people’s lives. Our ideal candidate has:
Bachelor’s degree in Business, Computer Information Systems, or a related discipline
8+ years in InfoSec roles, with 3+ years working with or supporting InfoSec, Risk Management, and/or Compliance efforts
3+ years building and leading successful teams and/or projects
5+ years working in a multinational environment
CISSP, GIAC, or similar Information Security certification preferred
Deep knowledge of Risk Management
Subject Matter Expert in InfoSec risk assessment methodologies and models
Advanced understanding of the Cyber Security threat landscape and how Risk Management contributes to Business advancements
Ability to be concise and clear in communication
Experience working with outsourced partners on security testing activities