19 days ago - req33514

Security Compliance and Certification Expert

Other corporate functions

Other job categories

In a nutshell

Location

Veldhoven, Netherlands

Team

Other corporate functions

Experience

8+ years

Degree

Master

Job Category

Other job categories

Travel

No

Introduction to the job

The mission of the Security department is to enable ASML to control the protection of information and assets of our company, our customers and suppliers by applying risk-based efficient measures for people, process and technology, supporting the business goals. We strive to be a critical support function to our stakeholders, providing risk-based programs, services and systems to protect our employees, knowledge, assets and reputation.

ASML is able to achieve its business goals by having security embedded within the DNA of our people, its processes and technologies. Interested in being part of ASML and contributing to the business goals? Read on quickly!

Role and responsibilities

As a Security Compliance and Certification Expert you will play an integral role in advancing the rollout of third party certification of ASML’s information security management system (ISMS) based on ISO27001. We are looking for someone who is ready to take his/her career to the next level by driving third party certification of our ISMS.

More specifically, you will have the following role and responsibilities:

  • Mastermind the plan or roadmap for different rollouts of third party certification of ASML’s ISMS;
  • Manage the organization of the rollout: collecting demand, scope setting, contracting external certification bodies, plan and prepare security audits together with the organization;
  • Follow through on audit findings and make sure they are resolved;
  • Manage and update ISMS documentation and maintain the support tooling of the management system;
  • Communicate internally towards stakeholders about certification;
  • Deliver training/workshops to stakeholders;
  • Cooperate with stakeholders/specialists of the other management systems (ISO9001 and ISO14001).

Education and experience

A master's degree in cybersecurity, computer science, information systems, information management, IT audit or other degrees in a related relevant field is required.
The following certifications are a plus: e.g. CISM, CISSP, CISA, CIA, SANS’ GIAC, ISO 27K Lead Auditor/Implementer

For this role we are looking for someone with an IT security background with experience in auditing information systems or information management. The ideal candidate will be looking for an opportunity to become an expert in ISO27001 certification of ASML’s ISMS by a third party, through working with ASML’s global stakeholders and business processes. Security compliance is increasingly important and this role contributes through certification and by supporting compliance related activities in general. Being able to plan further certification rollouts, set a demand-based scope, and follow through on audit findings is very important in this role.

Required experience/knowledge:

  • Prior experience assessing information security related controls and/or requirements in business processes or in applications e.g. as an ISO 27001 auditor
  • Experience with and sound knowledge of ISO27001

Knowledge that may help:

  • Understanding of control environment e.g. linkage between risks, control objectives, and controls
  • Sound knowledge of information security controls and requirements in different domains e.g. access control, encryption, network, etc.
  • Knowledge of Business Process Management (frameworks)
  • Knowledge of IT Management (frameworks e.g. ITIL)
  • Knowledge of audit frameworks like Cobit
  • You are familiar / have experience with:
    - Agile
    - NIST Cybersecurity Framework (CSF)
    - General Data Protection Regulation (GDPR)

Skills

Important for this role is to combine expertise with a project management way of thinking and working as you will be responsible for all aspects involved in rolling out ISO27001 certification.

Main behaviors and competencies:

  • Adaptability
  • Business Acumen
  • Conceptual Thinking
  • Openness to Learning
  • Great communication skills
  • Outstanding analytical and critical thinking skills

Business Skills:

  • Result oriented
  • Negotiation skills
  • Convince stakeholders

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

The position is based in the Netherlands (Veldhoven). The employee will report to the Manager Security Policies & Compliance in the Security Strategy, Risk and Architecture competence center.
Interested? Please apply with your CV and cover letter.

This is a full time (40 hours) position. Interested? Please apply with your CV and cover letter.

Need to know more about applying for a job at ASML? Read our frequently asked questions.