14 days ago - req33513

Security Compliance Expert

Other corporate functions

Other job categories

In a nutshell

Location

Veldhoven, Netherlands

Team

Other corporate functions

Experience

8+ years

Degree

Master

Job Category

Other job categories

Introduction to the job

The mission of the Security department is to enable ASML to control the protection of information and assets of our company, our customers and suppliers by applying risk-based efficient measures for people, process and technology, supporting the business goals. We strive to be a critical support function to our stakeholders, providing risk-based programs, services and systems to protect our employees, knowledge, assets and reputation.
ASML is able to achieve its business goals by having security embedded within the DNA of our people, its processes and technologies. Interested in being part of ASML and contributing to the business goals? Read on quickly!

Role and responsibilities

As security compliance expert you will play an integral role in advancing security through adherence to security policies and standards by ASML’s business. For this role we are looking for someone who is ready to take his/her career to the next level by supporting the uptake of security requirements of ASML’s information security policy framework throughout the business.

More specifically, you will have the following role and responsibilities:

  • Monitor adherence to security policies and standards in different sectors of the business;
  • Explain to process owners the monitoring approach and develop an understanding of business processes;
  • Obtain support and commitment from the business;
  • Channel feedback and advise on existing policies and standards to the policy drafting process;
  • Coordinate with stakeholders to disseminate information and avoid overlap/duplications;
  • Document the formal security compliance program together with Corporate Compliance and Internal Control.

Education and experience

A master's degree in cybersecurity, computer science, information systems, information management, IT audit or other degrees in a related relevant field is required.
The following certifications are a plus: e.g. CISM, CISSP, CISA, CIA, SANS’ GIAC.

For this role we are looking for someone with an information security background with affinity for auditing information systems and understanding of business processes. The ideal candidate will be looking for an opportunity to become an expert in security compliance by working with security requirements, business processes/assets, control objectives and controls. Being able to understand business processes and the practical implications of security requirements is very important in this role.

Required experience/knowledge:

  • Good knowledge of information security controls and requirements in different domains e.g. access control, encryption, network, etc;
  • Understanding of control environment e.g. the linkage between risks, control objectives, and controls;
  • Prior experience with assessing information security related controls and/or requirements in business processes or in applications.

Knowledge that may help:

  • Knowledge of Business Process Management (frameworks);
  • Knowledge of applications e.g. Identity Access Management (IAM), SAP (ECC & APO), DLP;
  • You are familiar/have experience with the following regulations, standards and frameworks:
    - ISO 27001/2
    - NIST Cybersecurity Framework (CSF)
    - General Data Protection Regulation (GDPR).

Skills

Important for this role is to have good stakeholder management and communication skills as you will be in contact with different teams and stakeholders.

Main behaviors and competencies:

  • Adaptability
  • Business acumen
  • Conceptual thinking
  • Openness to learning
  • Outstanding analytical and critical thinking skills
  • Empathy
  • Curiosity

Business Skills:

  • Interview skills
  • Roadmap planning
  • Content leadership
  • Process building

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

The position is based in the Netherlands (Veldhoven). The employee will report to the Manager Security Policies & Compliance in the Security Strategy, Risk and Architecture competence center.
Interested? Please apply with your CV and cover letter.

Need to know more about applying for a job at ASML? Read our frequently asked questions.