IT-Manager Technical Security Assessments
Computer Science & Software Engineering
In a nutshell
Computer Science & Software Engineering
AsManager Technical Security Assessments you areresponsible to set-up a strategy and planning for conducting technical assessments upon (parts of ) the ASML infrastructure (network connected devices, mobiles network infrastructure) and used software (Office applications, business applications, Mobile Apps) and to assure timely execution of the technical assessments within budget. Where applicable the technical assessment will be conducted by ASML’s virtual team of pen testers, or by a third party.
- You will determine scope and align approach of technical assessment with applicable stakeholders.
- You will report and align upon findings, conclusions and proposed corrective actions with applicable stakeholders and will coordinate and/or conduct re-assessments after implementation of the agreed corrective actions.
- You willsupport projects by conducting technical assessments upon project deliverables to assure new introduced hardware and software will not introduce new vulnerabilities, security weaknesses or non-compliance issues.
The focus of this role will be on security of :
- Servers andtheir OS’s (e.g. Windows,LINUX, VMware)
-Network devices (e.g. routers, switches, load balancers)
-Mobile Devices (Android, iOS) and Mobile Apps
-Office Automations Devices (e.g. laptops, printers)
-Office and other used business applications within ASML.
-SCADA / ICS / OT environment
-Other network connected devices
As a Manager Technical Security assessments, you'll need to:
-Understand complex computer systems and technical cyber security terms
-Coordinate and/or carry out remote testing of a network or onsite testing of the infrastructure to expose weaknesses in security
-Work with stakeholders to determine their requirements from the test, for example the number and type of systems they would like testing
-Plan and create penetration methods, scripts and tests
-Advise on methods to fix or lower security risks to systems
-Consider and discuss the impact the pen test will have on the business and its users
-Create reports and recommendations from your findings
-Present your findings, risks and conclusions to both technical and non-technical audiences
-Understand and be able to communicate how the flaws that has been identified could affect a business, or business function, if they're not fixed.
- Bachelor/Master degree or equivalent by experience
- Strong knowledge of industry security best practices and frameworks
-More than 3 years’ experience with planning, preparing and conducting of technical security assessments / Pen Tests
-More than 7 years experience in Information or IT Security
-Experience with the documentation and reporting of technical assessment findings including proposed corrective actions.
-Experience with security of Networks, Servers, Applications, Mobile Devices (iOS, Android),Mobile App and business applications.
-Experience with supporting and conducting forensic investigation is a preference.
-In possession of a pen tester certificate (e.g. OSCP, GXPN, LPT master)
-Having a security certificate (e.g. CISSP, CISA, CEH) or any other relevant security certificate is a preference.
-Analytical, precise, tenacious, autonomous
-Problem solving skills, determine the most effective way to solve the detected risks.
-Familiar with Global laws and legislation incl. Sarbanes Oxley
-Ability to interact with all levels including engineers, executives and senior managers
-Ability to overcome organizational resistance
-Strong interpersonal, presentation, analytical and statistical sampling skills
-Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
-Exceptional written and verbal communication skills in Dutch and English are required
-Flexibility to travel5% (depends on location)
To attract and retain the best people, we have a competitive employment conditions package, including
-Fixed 13th month;
-Attractive profit scheme; 5 year average (2017): 16.4%
-27 holidays and 13 additional free days.
ASML creates the conditions that enable you to realize your full potential. We provide state-of-the-art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the dedication of a company that recognizes and rewards extraordinary performance.