30+ days ago - req23819
Security Program Manager
Other corporate functions
Other job categories
In a nutshell
Other corporate functions
Other job categories
For the Operations sector in ASML we are looking for a Security Program Manager to further strengthen our ability to protect the Intellectual Property of ASML, our customers and our suppliers and to prevent business disruption in our factories and supply chain. The Operations sector is the largest sector within ASML and includes Manufacturing, Customer Support, Sourcing and Supply Chain and Corporate Real Estate.
Within ASML generic security capabilities are organized centrally via competences. Security risk management is however embedded within each of the sectors. The security risk management team identifies and assesses potential information security risks, recommends mitigations and helps the risk owners drive the implementation of mitigations to reduce the risk to an acceptable level. The team is involved in all programs, projects and changes to assess the assets that are being introduced or changed, to provide security requirements and to validate adequate implementation. In case of security incidents the team is involved in determining business impact, in communication and escalation towards sector management and in defining lessons learned and structural improvements. Creating awareness and educating the sector ranging from senior management to people on the ground is a key responsibility for each member of the team.
Finally the security risk management team is also managing or driving ASML wide and/or Operations specific projects to strengthen and mature the information security capabilities of ASML.
Ensure that information security risks do not exceed the organization risk appetite by timely identifying risks and maintaining the security risk register, assessing risks, drive risk mitigation and monitor and report on progress.
As Security Program Manager you will prepare the annual portfolio and roadmap of security projects and initiatives that affect the Operations sector, drive the inclusion and prioritization of these projects in the financial planning of the sub-sectors and either manage or enable execution of the portfolio.
You are expected to fulfill the following responsibilities:
- Annually, collect the unconstrained demand of security projects and initiatives that either affect or are specific for the Operations sector;
- Propose priority based on the level of risk mitigation against specific risks or risk categories;
- Drive inclusion and prioritization in the annual financial planning process of the different sub-sectors;
- Complete the initiation of all security projects, defining and aligning scope, business benefits, governance, deliverables and timelines;
- For the projects that are managed by the security risk management team, you will ensure projects are led (or personally drive delivery), resourced and remain on track against scope - managing the triple constraints; Time, Budget and Scope;
- Provide Quality Assurance on project definition, project governance, project quality, monitoring the execution and ensuring effective stakeholder management;
- Report on progress towards the sub-sectors and towards the ASML Security Portfolio;
- Ensure the project management system is up to date and accurately portrays the status of the portfolio of programs and projects;
- Manage/report on the risk mitigation status of risks by the projects;
- Align with other security risk management teams and central competence teams to support cross-sector initiatives;
- Realign portfolio on budget and planning in case of major changes;
- Generate demand towards the central security competences and IT based on outcomes of risk assessments; help define the implementation of additional measures and capabilities;
- Act as sounding board to sector management;
- Identify and provide advice on strategic and tactical information security risks within the sector;
- Support the implementation of security capabilities within the sector;
- Understanding / knowledge / experience of security domains i.e. Access Control, Communication Security, Incident Management, Supplier & Customer Relationship, Training & Awareness, Asset Management, Business Continuity Management, Operations Security and System Acquisition, Dev & Maintenance;
- Keep up with relevant international legislation, emerging threats, forecasts, policies and benchmarks
Master's degree or equivalent combination of education and experience (e.g. in a technical area, business administration, industrial engineering). Optionally bachelor
- Knowledge of project management (Prince-2 / PMBOK/ APMP /MSP)
- In possession of a valid work permit for The Netherlands
- Pro: In possession of valid industry certifications (CISM, CISA, CISSP)
- Minimum of 8 years’ experience in Project or Program Management in complex high tech business environment
- Ability to shape and drive security roadmaps
- Extensive experience in Information Security projects is a must
- Worked for a global organization sized similar to ASML with the proven ability to navigate complex, international work environments being sensitive to cultural differences
- Fluent in English (written and verbal)
- Pro: Experience in manufacturing / production environment
- Pro: Experience in OT/ICS programs and environments
- Ability to communicate with, convince and inspire senior management
- Relationship builder; able to create and maintain a trusted network
- Able to influence / lead without mandate
- Able to give direction, plan and prioritize
- Acts decisively, takes responsibility and shows critical sense
- Pragmatic, pro-active, hands-on mentality, motivated by realizing goals rather than personal acknowledgement and a proven ability to drive results
Context of the position
As Security Program Manager you will be part of the Operations Strategies and Excellence (OSE) department and will report to the Senior Security Risk Manager Operations.
The OSE department supports the definition of the Operations strategy, the translation of the strategy into capabilities, a roadmap and a portfolio and drives specific competences including Information Security, Information Management, Portfolio management, Program/Project Management and Benefits Management.
You will be based in Veldhoven, the Netherlands. You will be a member of the ASML Security community; working closely together with the security risk management teams in other sectors and the central security competence teams.
ASML creates the conditions that enable you to realize your full potential. We provide state-of-the-art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the commitment of a company that recognizes and rewards outstanding performance. What is working at ASML like?
Check this out: https://www.youtube.com/watch?v=qXpAMguP-vQ
Our selection process includes an online Talent Exploration that gathers information about your key drivers, your personal values, motivators and career ambitions. The Talent Exploration enables both you and us to explore if there is a mutual match - not only for today, but also for your future career at ASML.
Please note that at the moment we have several interesting opportunities within our team – based on your experience and ambitions we will determine the best match together with you.