9 days ago - req20145

Information Security Risk Manager

Research & development

Other job categories

In a nutshell


Wilton - CT, US


Research & development


8+ years



Job Category

Other job categories




ASML US, LP brings together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers - to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics. Our headquarters are in Veldhoven, the Netherlands, and we have 18 office locations around the United States including main offices in Wilton, CT, Chandler, AZ, San Jose, CA and San Diego, CA.

Managing information security risks in the R&D domain is a challenging security position in an intellectual property-driven company. R&D Security Risk Management (SRM) operates across the Development & Engineering, Research and Business Line Application organizations, and is part of the corporate security governance.

Job Mission

To ensure that R&D information security risks do not exceed ASML’s risk appetite through early identification, assessment and mitigation.

Job Description

  • Perform information security risk assessments across a variety of platforms and applications
  • Prepare risk reports, proposing mitigating controls and recommendations to internal stakeholders
  • Maintain the R&D security risk register, driving mitigation based upon agreed controls and timelines
  • Assess new technologies, ensuring appropriate security controls are in place prior to introduction into network
  • Work across different engineering teams to improve the security of our products
  • Ensure the protection of our intellectual property through awareness and consultation with stakeholders
  • Alignment with the IT Security department on infrastructure-related security matters linked to R&D information assets/risks
  • Ensure compliance with security policies and standards
  • Remain up-to-date with emerging threats, best practices and relevant legislation


  • Bachelor’s/Master’s degree in Information Security, Computer Science or equivalent related work experience


  • 5-7 years of information security experience with a focus on technology, infrastructure or engineering
  • A strong background in Information Technology or relevant experience in the IT security domain
  • Proven experience with the ISO27001 framework, as well as industry standards and best practices
  • Solid understanding of networking, protocols, firewalls and operating system security principles
  • Relevant information security certifications preferred, including CISSP, CISM, CRISC, Security+ or CCSP
  • Familiarity with cloud models, information security controls and best practices
  • Ability to travel (up to 10%)

Personal skills

  • Strong communications skills, with the ability to influence, negotiate and build consensus with key stakeholders
  • Ability to translate threats and vulnerabilities into risks at the business stakeholder level and drive risk mitigation, dealing with resistance
  • A proactive self-starter with the ability to drive results
  • Fluent English (written and verbal)
  • Strong analytical and problem-solving skills with attention to detail
  • Ability to work effectively in a team environment where flexibility, creativity, and commitment are important

Context of the position

  • You will be part of the R&D Security Risk Management team (R&D SRM) located in the US. This position works with the local engineering teams in Wilton, CT, and requires collaboration with other R&D SRM team members based out of Europe.
  • To qualify for this role you must be able to work primarily onsite at the Wilton campus. This position will require access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require the us to proceed with candidates who are immediately eligible to access controlled technology.
  • Visa Sponsorship is not being offered for this position, so you must be a US Citizen or current GC holder to be considered for this full-time position. NO C2C candidates are being considered at this time.

EOE AA M/F/Veteran/Disability


Learn more about this job