Security Specialist

Job Mission

As a Security Specialist you are part of the Application Security team within the Security Testing and Resolution Management(STRM) team which is part of the Security Operations Center within ASML

You will also be responsible for conducting detailed security assessments mainly on new and existing applications and IT services within ASML, assist and advice projects on security related questions and help drive the security improvements for ASML. You will be interacting with stakeholders on different levels in ASML IT, but also within ASML sectors.

The role is contributing in protection of ASML’s information, Intellectual Property (IP) and assets, and that of ASML’s customers and suppliers for the scope of the projected solution. This includes the alignment of the solution with ASML Information Security strategies and security policies/standards/guidelines, and where necessary suggesting additions and improvement to standards.

Job Description

As a Security Specialist you will be responsible for:

• assessing applications and systems to be implemented or actual implementations based on assessments of high- and low-level designs, interviews and/or testing;
• assessing existing or new IT services (on premise or cloud) on technical vulnerabilities and weaknesses based on ASML process and tooling;
• communicate observations to the relevant stakeholders, advise on mitigation and follow up on actions;
• adding information to security finding register, which contains all security assessment findings and risks that are reported within the STRM, and is used to follow up on security assessment findings;
• keep track of follow up actions and deliver management reporting;
• train and coach DevOps teams on security aspects, standards and security solutions in CI/CD.

Education

• Bachelor’s or Master’s degree in mathematics in combination with cybersecurity/information security (or equivalent experience);
• Valid industry certifications such as CISSP, CISM and/or CISA are a plus;

Experience

• Min 6+ years professional experience with a focus on IT applications / information security, risk and compliance;
• Experience in executing Threat and Vulnerability Analysis (TVA) or IT Security risk assessments on IT services and applications;
• Experience with Cloud security and 3rd party management;
• Experience in collecting information through research and interviews;
• Deep Knowledge of current security technologies and governance processes;
• IT audit experience is a plus;
• In-depth working knowledge of IT Risk / security frameworks and best practices, such as: NIST Cyber, security, framework, ISF Standard of Good Practice for Information Security, NIST SP 800 30 framework, ISO 27001/2 framework;
• Knowledge of the Scaled Agile Framework (SAFe) is a plus.

Personal skills

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve - and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.

To thrive in this job, you’ll need the following skills:

• Able to operate independently/with minimal supervision, self-starter and comfortable in starting up several projects at the same time, but also taking responsibility for finishing tasks
• Analytical, precise, tenacious, autonomous
• Ability to overcome organizational resistance, as well as the ability to interact with all levels including users, engineers, and (senior) executives
• Able to manage large amounts of new information quickly; grasp the deep technical characteristics of new environments; draft clear and concise visualizations of complex processes and environments

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions .