Vulnerability Management Specialist

Introduction to the job

We at ASML enable groundbreaking technology to solve some of humanity’s toughest challenges. Together with our partners, we provide leading patterning solutions that drive the advancement of microchips.

Do you like to drive structural improvements and work with a wide range of IT disciplines? Are you passionate about security and do you like the challenge of protecting the IT infrastructure and information assets in one of the most technical developed companies in the world? Then we would like to talk to you!

Role and responsibilities

As a Vulnerability Management Specialist you are involved in cyber security management of assets and critical vulnerabilities. This role is positioned within the Security Advisory and Support team within Technology Security Competence Center (TSCC) which is part of the Risk & Business Assurance department of ASML Corporate.

You will be responsible for scheduling, detecting, analyzing, reporting and managing the Emergency Patching Process activities within the company’s technology domains (servers, networks and all infrastructure supporting production applications for the enterprise, as well as development environments). This includes applying your analytical, reasoning & specialized technical security expertise to investigate, isolate and track critical security vulnerabilities in a risk-based manner.

You will be interacting with stakeholders on different levels in ASML IT, but also within ASML sectors. In order to perform above activities, you will also be responsible for aligning and improving the asset registration in the asset repositories and provide guiderails that allow IT and business to create and maintain the proper and complete asset overviews. You will be reporting upon and performing quality assurance on the asset registration and vulnerability management processes and procedures.

Key responsibilities

• Develop and maintain the patch & vulnerability management policies and standards, and support the development of processes, systems and measurements that enable the organization to manage released patches and assure compliance towards the standards;
• Drive and support the Prio Patching process and coordinate the response upon detected (critical) vulnerabilities;
• Manage, monitor and report upon priority / emergency patching process and compliance against ASML’s patch standard;
• Conduct IT security assessments upon IT Services, network infrastructure and applications and report upon findings;
• Align upon proposed next steps with stakeholders and monitor and report upon progress of agreed risk mitigation.

Vulnerability Management is active in the area of infrastructure, applications, containers, workplace, API’s amongst others, depending on the knowledge, experience and interest of the candidate.

Education and experience

• A degree in computer science, information technology, computer engineering or equivalent experience
• Preferable 3-4 years experience as a security analyst in a large organization
• Experience in executing Threat and Vulnerability Analysis (TVA) and/or IT Security risk assessments on IT services, network & Cloud infrastructure and (web + mobile) applications
• Knowledge of malware, hacking techniques, cyber threats and security trends
• Experience in vulnerability management in the OT environment is a plus
• Experience in collecting information through research and interviews
• Experience in convincing and chasing stakeholders in an international environment
• Excellent English verbal and written communication and presentation skills.Command of the Dutch language is a plus
• Good working knowledge of Office suite applications like Excel, SharePoint and Teams
• Preferable experience and/or knowledge of working with Agile SAFe
• Valid industry certifications such as the Certified Information Systems Security Professional (CISSP) are a plus
• Experience with security standards like ISO 27001, NIST-800 or equivalent are a plus

Skills

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:

• Excellent communication, interpersonal, coordination, and problem-solving skills
• Ability to interact with all levels amongst other users, engineers, executives and senior managers
• Ability to overcome organizational resistance
• Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
• Analytical, precise, tenacious, autonomous
• High level of initiative, accountability, professional diligence, attention to detail and ability to follow process
• Capable to digest large amounts of new information quickly, and derive key security vulnerabilities
• Able tohold your own and defend your position in a flexible / changing and demanding environment

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

Need to know more about applying for a job at ASML? Read our frequently asked questions.