You are based in Veldhoven, the Netherlands. You will be employed in the R&D Security Risk Management (SRM) team which is part of the Development and Engineering Information Management department. You will be reporting to the Application security and project security focus group leads and functionally reporting to the R&D Sector Security Risk Manager.
You are a member of the ASML Security community; collaborating also together with Security Risk Managers in other sectors.
This position requires access to U.S. controlled technology, as defined in the United States Export Administration Regulations. Qualified candidates must be legally authorized to access such U.S. controlled technology prior to beginning work. Business demands may require ASML to proceed with applicants who are immediately eligible to access U.S. controlled technology.
ASML is the largest supplier in the world of photolithography systems for the semiconductor industry and manufactures machines for the production of integrated circuits. It is a heavily R&D driven company, and as such, it is critical that we properly safeguard our intellectual property. As an information security manager, you will manage information security risks within the R&D domain, which is a challenging position in an intellectual property-driven enterprise.
R&D Security Risk Management (SRM) operates within the R&D domain, which includes Development & Engineering, System Engineering and all Business Lines. R&D SRM is responsible for keeping information security risks within the R&D risk appetite by identifying and assessing risks, driving risk mitigation and monitoring execution.
As an information security risk manager you will manage information security risks in the R&D domain, which is a challenging position in an Intellectual Property driven enterprise. Throughout the company multiple disciplines are required to ensure proper identification, mitigation and management of these risks.
In the ASML security governance information security risk management is embedded in the sectors itself via so-called sector Security risk management.
As part of this profile you will be responsible for:
Ensure security risks do not exceed the risk appetite by timely identifying and assessing risks and propose mitigating controls conform best practice, policies and standards. Identify gaps, propose improvements and update/create policies, standards, means and methods. Monitor and report adherence to required security controls.
This role focusses on information security in the applications and projects domain by amongst others performing Information Systems Security Assessments over R&D owned applications/information systems. Besides these domains you will be expected to also perform/assist in generic security risk assessments and support the R&D Security Risk Management team as a whole.
A Bachelor degree or higher and relevant education in Information Security, Audit, Cloud and/or SAP Security.