Specialist II, Product Security SCoE

Job Title

Job Description

Specialist II, Product Security SCoE

At Philips, we are committed to advancing healthcare through innovation and technology. Our Product Security & Services Office (PSSO) within the Group Security organization helps ensure that our products and solutions remain secure, resilient to cyberattacks, and trusted by customers. By embedding security by design into the product development lifecycle, we enable our teams to deliver secure, privacy-aware healthcare solutions.

We are seeking a Senior Cloud Security Specialist with expertise in cloud architecture and security to lead critical projects. This technical leadership role will focus on ensuring secure cloud adoption, protecting sensitive healthcare data, and aligning with global security standards such as FDA, DOD, NIST, HIPAA and GDPR.

Your role:

• Develop secure cloud architecture frameworks aligned with healthcare-specific needs, ensuring compliance with HIPAA and other global standards.
• Guide product architects to integrate security and privacy by design at the architectural level.
• Evaluate and approve high-level and low-level design documents and system specifications for security considerations.
• Conduct thorough security and privacy assessments for cloud-based solutions across IaaS, PaaS, and SaaS platforms.
• Identify and mitigate risks by implementing robust access control, encryption, and monitoring solutions.
• Perform cloud-specific red teaming exercises to evaluate and improve the resilience of cloud environments against advanced threats.
• Execute ethical hacking and penetration testing activities to identify vulnerabilities in cloud environments, applications, and services.
• Conduct audits of cloud infrastructures to ensure compliance with organizational security policies and global regulatory standards.
• Verify that all security and privacy requirements are implemented and functioning as intended in the final products.
• Work closely with deployment and operations teams to ensure consistent cloud security during product deployment and maintenance.
• Monitor and respond to security incidents, conducting root cause analyses and implementing long-term solutions.
• Develop and maintain incident response playbooks tailored to cloud environments.
• Proactively review security logs and alerts to detect vulnerabilities and improve system resilience.
• Assist Philips’ business units in developing and enforcing product security and privacy practices, including policies, standards, and guidelines.
• Conduct security reviews and audits to ensure compliance with healthcare-specific regulations and standards like HIPAA, GDPR, and ISO 27001.
• Provide clear reporting on security metrics, risk assessments, and compliance status to senior management.
• Collaborate with R&D engineering teams, architects, and technical leads to ensure secure development and deployment of healthcare solutions.
• Provide guidance on resolving security audit findings and strategic recommendations for improvement.
• Mentor junior security professionals and foster a culture of security awareness and accountability.
• Stay updated on emerging cloud security threats and evolving regulatory requirements.
• Evaluate and implement advanced security tools, technologies, and practices to strengthen cloud security posture.

You're the right fit if:

• Bachelors in a relevant field including IT, Computers or other related science.
• 14+ years of experience for Senior Cloud Specialist role. Experience in the healthcare sector and HIPAA preferable
• Develop and implement secure cloud architecture frameworks for AWS, Azure, and/or Google Cloud platforms.
• Define security requirements for cloud-native applications, containerized environments, and hybrid infrastructures.
• Collaborate with DevOps and development teams to integrate security best practices into CI/CD pipelines.
• Conduct threat modelling, risk assessments, and vulnerability scans for cloud environments.
• Implement robust cloud access control, encryption, and monitoring mechanisms.
• Mitigate risks by ensuring compliance with industry standards (e.g., ISO 27001, NIST, SOC 2, GDPR, PCI DSS).
• Lead the implementation of security tools such as CSPM (Cloud Security Posture Management), CWPP (Cloud Workload Protection Platforms), and SIEM (Security Information and Event Management) solutions.
• Automate security policies and workflows using IaC (Infrastructure as Code) tools like Terraform or CloudFormation.
• Product/Information security experience in all phases of service development and deployment including architecture, design, development, testing, release, and operational maintenance
• Experience in assessing security of iaas, paas, saas platforms would be helpful
• Sound understanding of Cryptography, various Encryption Algorithms, Public key Infrastructure (PKI) and Certificate Authority (CA).
• Technical leadership experience in the Software Security field.
• Experience and knowledge of penetration testing methodologies and tools.
• Conducting information security analyses, audits, and reviews

Preferred Certifications:

• Cloud certifications: AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, or Google Professional Cloud Security Engineer.
• Security certifications: CISSP, CCSP, CISM, or equivalent

About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
• Learn more about our business.
• Discover our rich and exciting history.
• Learn more about our purpose.

If you’re interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our commitment to diversity and inclusion here.

#LI-PHILIN