You can withdraw your consent at any time on our cookie consent page.Configure your cookie settings and confirm to save your settings. You can withdraw or change your consent at any time on our cookie consent page.
Information Security Risk Manager
Other technical job categories
In a nutshell
San Diego - CA, US
Other technical job categories
Introduction to the job
ASML US, including its affiliates and subsidiaries, bring together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers - to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics. Our headquarters are in Veldhoven, Netherlands, and we have 18 office locations around the United States including main offices in Chandler, Arizona, San Jose and San Diego, California, Wilton, Connecticut, and Hillsboro, Oregon.
Role and responsibilities
Managing information security risks in the R&D domain is a challenging security position in an intellectual property-driven company. This role ensures that R&D information security risks do not exceed ASML’s risk appetite through early identification, assessment and mitigation.
R&D Security Risk Management (SRM) operates across the Development & Engineering, Research and Business Line Applications organizations, and is part of the corporate security governance.
This position may require access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require the Company to proceed with candidates who are immediately eligible to access controlled technology.
Duties and Responsibilities
- Perform information security risk assessments across a variety of platforms and applications.
- Prepare risk reports, proposing mitigating controls and recommendations to business stakeholders.
- Assess new devices being introduced into our R&D network - ensuring that proper security controls are in place.
- Ensure the protection of our intellectual property through stakeholder engagement and awareness.
- Alignment with the IT Security department on security matters linked to R&D information assets/risks.
- Work across different engineering teams to assist us in improving the security of our products.
- Ensure compliance with security policies and standards.
- Remain up-to-date with emerging threats, best practices and relevant legislation.
- Other duties as assigned.
- Job description subject to change at any time.
Education and experience
- Bachelor’s degree in Information Security, Computer Science or combination of education and/or equivalent related work experience.
- Relevant security certifications are a plus. This includes CISSP, CISM, CRISC or CCSP.
- Min. 5 years of information security experience.
- Strong background in Information Technology or relevant experience in the IT security domain.
- Proven experience with the ISO27001 framework, as well as industry standards and best practices.
- Solid understanding of networking, protocols, firewalls and operating system security principles.
- High-level understanding of cloud security principles, including security controls and best practices.
- Experience working within or supporting a DevOps environment is a plus.
Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:
- Strong communications skills, with the ability to influence, negotiate and build consensus with key stakeholders.
- Ability to translate threats and vulnerabilities into risks at the business stakeholder level and drive risk mitigation, dealing with resistance.
- Results driven. Demonstrates ownership and accountability, following through on assignments with minimal supervision.
- Strong analytical and problem-solving skills with attention to detail.
- Ability to work both independently and in a team environment where flexibility, creativity, and commitment are important.
Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
- May require domestic and/or international travel, dependent on business needs – up to 10%.
- This position is located on-site in San Diego, CA.It requires onsite presence to attend in-person work-related events, trainings and meetings and to further ensure teamwork, collaboration and innovation.
- A flexible workplace arrangement may be available to employees working in roles conducive to remote work (up to two days a week).
EOE AA M/F/Veteran/Disability
Need to know more about applying for a job at ASML? Read our frequently asked questions.