30+ days ago - req20144
Information Security Risk Analyst- Engineering
Research & development
Other job categories
In a nutshell
San Jose - CA, US
Research & development
Other job categories
ASML US, including its affiliates and subsidiaries, bring together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers - to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics. Our headquarters are in Veldhoven, Netherlands, and we have 18 office locations around the United States including main offices in Chandler, Arizona, San Jose and San Diego, California, Wilton, Connecticut, and Hillsboro, Oregon.
Managing information security risks in the R&D domain is a challenging security position in an intellectual property-driven company. This role ensures that R&D information security risks do not exceed ASML’s risk appetite through early identification, assessment and mitigation.
R&D Security Risk Management (SRM) operates across the Development & Engineering, Research and Business Line Applications organizations, and is part of the corporate security governance.
This position may require access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require the Company to proceed with candidates who are immediately eligible to access controlled technology.
- Perform information security risk assessments across a variety of platforms and applications
- Prepare risk reports, proposing mitigating controls and recommendations to business stakeholders
- Assess new devices being introduced into our R&D network - ensuring that proper security controls are in place
- Ensure the protection of our intellectual property through stakeholder engagement and awareness
- Alignment with the IT Security department on security matters linked to R&D information assets/risks
- Work across different engineering teams to assist us in improving the security of our products
- Ensure compliance with security policies and standards
- Remain up-to-date with emerging threats, best practices and relevant legislation
- Other duties as assigned
- Job description subject to change at any time
- Bachelor’s degree in Information Security, Computer Science or combination of education and/or equivalent related work experience
- Relevant security certifications are a plus. This includes CISSP, CISM, CRISC or CCSP
- Min. 5 years of information security experience
- Strong background in Information Technology or relevant experience in the IT security domain
- Proven experience with the ISO27001 framework, as well as industry standards and best practices
- Solid understanding of networking, protocols, firewalls and operating system security principles
- High-level understanding of cloud security principles, including security controls and best practices
- Experience working within or supporting a DevOps environment is a plus
- Strong communications skills, with the ability to influence, negotiate and build consensus with key stakeholders
- Ability to translate threats and vulnerabilities into risks at the business stakeholder level and drive risk mitigation, dealing with resistance
- Results driven. Demonstrates ownership and accountability, following through on assignments with minimal supervision
- Strong analytical and problem-solving skills with attention to detail
- Ability to work both independently and in a team environment where flexibility, creativity, and commitment are important
- May require domestic and/or international travel, dependent on business needs – up to 10%
Context of the position
- This position is located on-site in San Jose, CA.It requires onsite presence to attend in-person work-related events, trainings and meetings and to further ensure teamwork, collaboration and innovation
- A flexible workplace arrangement may be available to employees working in roles conducive to remote work (up to two days a week)
The essential job functions for this position include, but are not limited to:
- Work in a fast-paced office environment, including working in a standing or seated position for long periods
- Routinely required to sit; walk; talk; hear; use hands to finger, handle, and feel; stoop, kneel, crouch, twist, reach, and stretch. Occasionally required to move around the campus
- Perform office tasks using simple hand grasping, fine hand manipulation and reach associated with assigned tasks such as paperwork, computer keyboarding (e.g., Word, Excel, PowerPoint), filing, calculating, and use of telephone or other handheld electronic devices, continuously for up to 10 hours per day, five days per week
- Have a sufficient ability to communicate, through sight, hearing, and/or otherwise, to perform assigned tasks and maintain proper job safety conditions
- Occasionally lift and/or move up to 20 pounds
- Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus
Roles within the Cleanroom
- Must be willing to work in a clean room environment, wearing coveralls, hoods, booties, safety glasses and gloves for entire duration of shift.
- While performing the duties of this job, the employee routinely is required to sit; walk; talk; hear; use hands to keyboard, finger, handle, and feel; stoop, kneel, crouch, twist, reach, and stretch.
- The employee may occasionally lift and/or move up to 20 pounds. Can we be more specific:Must be willing to lift up to 20 pounds, pull 20 pounds at least once a day and spend the majority of time (greater than 90% less break time) on the floor working on tool sets, walking three to five miles a day, and/or standing/sitting for nine hours.
- Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
This U.S. position is only open to a U.S. Person.A U.S. Person is someone who is either a U.S. Citizen, U.S. National, U.S. Lawful Permanent Resident, or a Protected Individual granted Refugee or Asylum status by the U.S. Government.The Company will not sponsor a foreign national for this position.
EOE AA M/F/Veteran/Disability