Job Description

Job Title

Cyber Security Architect SDLC and AI

We are seeking a Cyber Security Architect – SDLC & AI to join the GSIS Cyber Security Expert Group. In this role, you will help define, design, and deploy security capabilities across Philips’ global enterprise landscape. You will work closely with central IT, R&D, business engagement teams, and Business Units to embed strong security practices into SDLC processes and AI-enabled development environments.

You will ensure our enterprise security architecture consistently integrates with SDLC tooling, AI driven development capabilities, and engineering workflows. You will also manage the security posture of critical third-party vendors and help drive continuous maturity across our development and R&D ecosystem.

This role requires leadership, influence, and the ability to partner effectively across technical and nontechnical teams to promote security as a key business enabler.

Your role:

• Be part of the Cyber Security expert team to support IS initiatives and solutions. Keep high security maturity and support risk mitigation strategies.
• Ensure our specific Cyber solutions are aligned with enterprise architecture.
• Drive and support different Business engagements teams engaging and guiding ISO’ as well as business leaders in units and regions and functions wrt to SDLC and AI security.
• Work with close cooperation with the IT different teams ensuring we drive security maturity together in the enterprise environment.
• Foster a culture of collaboration and trust, building strong relationships across technical and non-technical teams to promote security as a business enabler.
• Act as active high-performing team member, promoting continuous learning, ownership, and leadership across the cybersecurity organization.
• Stay ahead of emerging threats, technologies, and regulatory trends, proactively adapting strategies and solutions to maintain resilience.
• Demonstrate exceptional communication, influence, and decision-making skills, especially in high-stakes or ambiguous environments.

You're the right fit if:

Education & Experience

• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, Information Systems, or a related field.
• 7+ years of experience in cybersecurity or technology roles, including 5+ years in Security Architecture, preferably in large multinational environments.
• Strong experience in integrating security controls across the full Software Development Lifecycle (SDLC).
• Hands‑on academic or industry experience with AI/ML engineering, data science, or responsible AI, including securing ML pipelines, data flows, and model deployment.
• Proven experience with CI/CD pipelines, DevSecOps practices, and security tooling (e.g., SAST, SCA, DAST, IaC scanning, secrets management).
• Experience leading architecture reviews and conducting structured threat modeling (e.g., STRIDE, PASTA).
• Demonstrated interest in AI‑driven security innovation, analytics, and automation.
• Experience leading global or virtual technical teams and managing third‑party security or SDLC vendors.
• Strong communication and leadership skills, with the ability to influence both technical and business stakeholders.
• Business travels required.
• Fluency in English (min C1 level).

Technical Competencies

• Strong understanding of SDLC frameworks (Agile, SAFe, Waterfall) and R&D development environments.
• Experience with cloud platforms (Azure, AWS, GCP) and secure cloud architecture patterns.
• Solid understanding of privacy, compliance, and regulatory requirements (e.g., GDPR) and responsible AI practices in multinational environments.
• Knowledge of security and risk frameworks such as ISO 27001, NIST CSF, NIST 800‑53, NIST AI RMF, OWASP Top 10, and OWASP ASVS.
• Strong understanding of AI security risks, including adversarial ML, data poisoning, prompt injection, and model governance.
• Familiarity with MLOps security, AI governance frameworks, and model risk management.
• Experience with container and Kubernetes security (e.g., workload isolation, admission control).
• Understanding of Zero Trust Architecture and modern distributed system security.

Certifications

Required

• CSSLP – Certified Secure Software Lifecycle Professional
• One of the following:
• CISSP – Certified Information Systems Security Professional
• CISM – Certified Information Security Manager

Preferred

• GIAC (GCSA, GWEB, GWAPT)
• Cloud security certifications (AZ‑500, AWS Security Specialty, Google Professional Cloud Security Engineer)
• Cloud provider Responsible AI certifications (Microsoft, AWS, Google)
• NVIDIA AI security‑related certifications
• MITRE ATLAS or AI threat‑modeling coursework
• Emerging ISC² / ISACA AI security certifications

How we work together

We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week. Onsite roles require full-time presence in the company’s facilities.​ Field roles are most effectively done outside of the company’s main facilities, generally at the customers’ or suppliers’ locations.​

This role is an office role.

About Philips

We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.

• Learn more about our business here
• Discover our rich and exciting history here
• Learn more about our purpose here

If you're interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our commitment to diversity and inclusion here