Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead security initiatives, protect data, and ensure compliance across IT and OT environments.
- Company: Philips is a health technology company dedicated to improving global healthcare access.
- Benefits: Enjoy a collaborative work culture with opportunities for growth and impactful projects.
- Why this job: Join a mission-driven team focused on making a difference in healthcare through innovative security solutions.
- Qualifications: Bachelor’s or Master’s in Information Security; 8+ years in cybersecurity; strong communication skills.
- Other info: Office-based role requiring in-person collaboration at least 3 days a week.
The predicted salary is between 43200 - 72000 ÂŁ per year.
Job Title
Senior Information Security Manager
Job Description
We are seeking a highly motivated Senior Information Security Manager to lead the design, implementation, and oversight of our strategic security initiatives across IT, Integrated Supply Chain (ISC), and Operational Technology (OT) environments. While prior experience in OT security is a plus, strong IT security professionals eager to grow into the OT domain are encouraged to apply.
In this pivotal role, you will protect sensitive data, ensure system integrity, and mitigate risks—all while ensuring compliance with regulatory requirements such as NIS2, HIPAA, EUMDR and FDA standards.
Key Responsibilities:
Security Strategy & Risk Management
-
Develop and execute a comprehensive IT and OT security strategy aligned with industry best practices.
-
Identify, evaluate, and mitigate security risks across IT, supply chain, and OT environments.
-
Drive Security Projects, Programs & Initiatives across different locations
-
Maintain regulatory compliance with HIPAA, FDA, and other relevant standards.
Security Architecture & Operations
-
Design and maintain secure architectures for both IT and OT systems.
-
Implement and manage firewalls, IDS/IPS, and advanced security tools such as Nozomi Guardian
-
Define and enforce security frameworks and policies specific to supply chain technologies.
Incident Response & Threat Management
-
Develop and lead end-to-end incident response plans and security playbooks.
-
Conduct regular risk assessments and implement remediation strategies with minimal operational disruption.
-
Perform threat modeling (e.g., STRIDE, PASTA, DREAD) and simulate cyberattacks to test resilience.
-
Utilize the MITRE ATT&CK framework to analyze adversarial behavior and implement countermeasures.
Compliance & Governance
-
Partner with service owners to continuously improve technical and administrative security controls.
-
Define, monitor, and report on key security metrics and KPIs.
-
Collaborate with the Philips Security Office and broader governance teams to align initiatives and drive continuous improvement.
Vendor & Stakeholder Engagement
-
Lead supplier security assessments and ensure compliance with enterprise and regulatory standards.
-
Promote security awareness and deliver training across internal teams and external partners.
-
Serve as a trusted advisor to stakeholders on evolving threat landscapes and proactive defense strategies.
You\’re the right fit if you have:
-
Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field.
-
8+ years of experience in cybersecurity, with proven leadership in enterprise environments.
-
Knowledge of OT security is preferred but not mandatory—willingness to learn and adapt is key.
-
Strong experience with security tools, frameworks, and standards.
-
Excellent communication skills, with the ability to influence across all levels of the organization.
How we work together:
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities. Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.
This role is an office-based role.
About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won\’t stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
-
Learn more about our business here .
-
Discover our rich and exciting history here .
-
Learn more about our purpose here .
If you\’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our commitment to diversity and inclusion here .
#LI-EU
#EEIT
#J-18808-Ljbffr
Sr. Information Security Manager employer: Philips Iberica SAU
Contact Detail:
Philips Iberica SAU Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Sr. Information Security Manager
✨Tip Number 1
Familiarise yourself with the specific regulatory requirements mentioned in the job description, such as NIS2, HIPAA, and FDA standards. Understanding these regulations will not only help you in interviews but also demonstrate your commitment to compliance and security.
✨Tip Number 2
Network with professionals in the cybersecurity field, especially those with experience in Operational Technology (OT). Engaging with industry peers can provide insights into current trends and challenges, making you a more informed candidate.
✨Tip Number 3
Prepare to discuss your experience with security tools and frameworks during the interview. Be ready to share specific examples of how you've implemented security measures or led projects that align with the responsibilities outlined in the job description.
✨Tip Number 4
Showcase your communication skills by practising how you would explain complex security concepts to non-technical stakeholders. This role requires influencing across all levels of the organisation, so being able to articulate your ideas clearly is crucial.
We think you need these skills to ace Sr. Information Security Manager
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, particularly any leadership roles you've held. Emphasise your familiarity with IT and OT security frameworks, as well as your ability to manage compliance with standards like HIPAA and FDA.
Craft a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your background aligns with the responsibilities outlined in the job description, especially your experience in risk management and incident response.
Showcase Relevant Skills: Highlight specific skills that are crucial for this position, such as your experience with security tools (like Nozomi Guardian), threat modelling techniques, and your ability to communicate effectively across different levels of an organisation.
Demonstrate Continuous Learning: Mention any ongoing education or certifications related to cybersecurity, especially those that pertain to OT security. This shows your willingness to learn and adapt, which is a key requirement for this role.
How to prepare for a job interview at Philips Iberica SAU
✨Understand the Regulatory Landscape
Familiarise yourself with key regulations such as NIS2, HIPAA, and FDA standards. Be prepared to discuss how you would ensure compliance in your role, as this is crucial for the position.
✨Showcase Your Leadership Experience
Highlight your previous leadership roles in cybersecurity. Discuss specific projects where you led teams or initiatives, particularly those that involved risk management and security strategy development.
✨Demonstrate Technical Proficiency
Be ready to talk about your experience with security tools and frameworks. If you have knowledge of OT security, share examples; if not, express your eagerness to learn and adapt to new technologies.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Prepare to discuss how you would handle incidents, conduct risk assessments, and implement security measures effectively.
