Product Security Specialist

Responsibilities

• Embed Secure by Design and Privacy by Design principles into the development of medical devices and healthcare applications
• Perform threat modeling (e.g., STRIDE, OWASP) and product security risk assessments across all development phases
• Conduct security design reviews, code assessments, and compliance reviews for applications and product software
• Collaborate with architects and R&D teams to identify security solutions that balance risk and business impact
• Guide teams in triaging, remediating, and tracking security findings from audits and reviews
• Review AI/ML-enabled features for security and privacy risks, including model misuse and data leakage
• Provide guidance on vulnerability impact analysis and risk acceptance recommendations

Requirements

• 10-14 years of experience in product and application security
• Hands-on experience with the Secure Software Development Life Cycle (SSDLC)
• Strong understanding of OWASP Top 10, secure APIs, and authentication/authorization concepts
• Experience reviewing and securing applications built with Java and Spring
• Familiarity with healthcare data protection regulations, including GDPR and HIPAA
• Bachelor's degree in a technical field (Computer Science, Information Security, or similar)

Preferred Qualifications

• Prior experience working with medical devices or regulated healthcare software
• Professional certifications such as CISSP, CISM, CEH, CIPP, or CIPM
• Knowledge of cryptography, PKI, and secure key management
• Experience supporting security audits and regulatory compliance reviews

About the Company

Philips is a global health-tech leader focused on improving people’s health and wellbeing through meaningful innovation. For more than 130 years, we have been creating technologies that support healthcare practitioners across Precision Diagnosis, Image Guided Therapy, and Connected Care.