16 days ago - req30714

OT Security Architect

Other corporate functions

Other technical job categories

In a nutshell


Veldhoven, Netherlands


Other corporate functions


3-7 years



Job Category

Other technical job categories



Introduction to the job

As an Operational technology (OT) domain security architect, you will be operating in the heart of the business, on the boundary between the business lines that own the OT environment and the security organization to bridge between both disciplines; The objective is to support the business in running a secure by design operation by helping the business understand the risks and translating risks and requirements to a security services, processes and capabilities.

Role and responsibilities

- Supporting projects and the risk managers in performing security risk assessments at design and implementation phases of projects.
- Provide advise on how identified risks can be mitigated and practical guidance on how to achieve the best balance between risk and needs.
- Translate the relevant security policies, standards and best practices into practical guidance and help identify solutions.
- Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Draft security policies and standards to be reviewed and approved by executive management and/or formally authorized by the CISO.
- Conduct or facilitate threat modelling of services and applications that tie to the risk and data associated with the service or application.
- Actively track developments and changes in the digital business and threat environments to stay up to date and to ensure that they're adequately addressed in security strategy plans and architecture artifacts.
- Establish a taxonomy of (OT domain) indicators of compromise and share this detail with other security colleagues, including the security operations center information security managers and analysts, as well as counterparts within the network operations center
- Validate (OT) infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks
- Effectively collaborate with other (security) architects for quality assurance, information sharing, prioritizing and distributing the architecture workload.

Education and experience

Master's degree in computer science, information systems, information management, cybersecurity, or a related field. Any of the following certifications are a plus: CISSP, TOGAF, SANS’ GIAC, SABSA (SCF), GICSP, SANS GRID.

- Proven conceptual knowledge of security in OT/ICS/IoT environments, especially manufacturing and building automation.
- Full-stack knowledge of OT Security infrastructure on all technology layers
- Experience with design of architecture based on Purdue Model
- Experience on OT domain specific security solutions
- Experience with the following regulations, standards and frameworks: ISO 27001/2, IEC 62443, NIST SP 800-82

Other experience that are preferred:
- Hands on experience to review security architecture & able to provide expert feedback
- Knowledge of Business Process Management (frameworks)
- Experience designing the deployment of applications and infrastructure into public cloud services.
- Familiar with the following regulations, standards and frameworks: NIST Cybersecurity Framework (CSF), IOT Security Compliance Framework, ISO 31000, GDPR


You are able to think conceptually about security, can bring overview to problems, can communicate that effectively and can quickly identify key issues to be resolved. This means someone who can create an oversight of what we have, see common denominators, bring structure, and present it clearly to everyone.

Being able to create abstract diagrams and good visualization skills to translate them into architectural drawings

The main behaviors and competencies:
· Adaptability
· Business Acumen
· Openness to Learning
· Great communication and stakeholder management skills
· Outstanding analytical and conceptual thinking skills
· Strategic planning
· Content Leadership
· Project management

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

The position is based in the Netherlands (Veldhoven). The employee will report to the Lead Security Architect in the Technology Security Architecture team.