IT Security High Risk finding Manager & Security Specialist
Computer Science & Software Engineering
In a nutshell
Computer Science & Software Engineering
Are you passionate on managing IT risk for a high-tech company? Do you know to find the balance between the stakeholder requirements and IT security? Are you able to assesses potential items of risk and of vulnerability in information technology infrastructure and applications? Than we would talk to you!
As IT Security High Risk finding Manager and security specialist you will be part of the IT Security team and work together with about 18 of your colleagues in IT security in ASML. You report to the senior Manager IT security and you will be supporting the IT Sector Risk manager and are contact for Corporate Risk Management and Information Security CC. You will be interacting with stakeholders on different levels in in IT, but also within ASML sectors.
You will be providing IT Security Risk support for IT Security and IT and are liaison to all sectors within ASML:
- You identify, scope, structure, administer and report on IT Security Risks. Transfer risks between relevant sectors.
- Assist IT Stakeholders with determining and drafting security exceptions communicate about these and create awareness with the risk / vulnerability owners.
- You are responsible for maintaining and improving the IT Security Risk register, risk management processes and methods.
- Identify potential areas of IT security risk for ASML, by performing security risk assessments at IT, application, and system level.
- You ensure that IT security risk mitigation measures are registered, tracked and report on progress/residual risks.
- Recommend risk-mitigating actions, provide high quality, accurate and guidance on how to prevent, or deal with, similar situations in the future and define controls to mitigate these risks
- Prepare and deliver reports and analysis in the form of presentation(s) to be delivered at one or more of the ASML stakeholders and committees
- Identify improvement areas and proposals for IT security risk management processes.
- Support Sox compliance controls checks.
- Next to the core activities you are performing security threat and vulnerability assessments and assess IT security Exception requests together with colleagues from the IT security team.
-Academic qualifications are an advantage, but not a substitute for professional experience;
-Valid industry certifications such CISA, CISM, CRISC the Certified Information Systems Security Professional (CISSP) are a plus;
-Experience in ISO 27001, NIST-800 or equivalent are a plus;
-Valid industry Certifications CISA, CISM, CRISC is a plus (CISSP is desirable but not required)
- 5+ years of experience in IT Security Risk Management and/or Information Security Risk Management.
- Strong understanding of IT and business process analysis and supporting IT technology.
- Experience with IT security risk management in high tech manufacturing is a plus.
- Excellent communication and analysis skills.
- Experience in performing IT security assessments/audits.
- Excellent English communication and presentation skills.Command of the Dutch language is a plus;
- Good working knowledge of Office suite applications like Excel and SharePoint;
- Highly-motivated, with a strong work ethic and able to work effectively independently /under minimal supervision.
- Enthusiastic, self-starting, analytical, precise, tenacious.
- Familiar with local laws and legislation, Sarbanes Oxley
- Excellent knowledge of IT Security risks from a technical and process perspective
- ISO 31000, IEC 31010
-Excellent communication and analysis skills.
-Excellent English communication and presentation skills.Command of the Dutch language is a plus;
-Good working knowledge of Office suite applications like Excel and SharePoint;
-Excellent verbal and written communication skills;
-Highly-motivated, with a strong work ethic and able to work effectively independently /under minimal supervision.
-Enthusiastic, self-starting, analytical, precise, tenacious.
-Familiar with local laws and legislation, Sarbanes Oxley
To attract and retain the best people, we have a competitive employment conditions package, including
- Fixed 13th month;
- Attractive profit scheme (2016:16%)
- 27 holidays and 13 additional free days.
ASML creates the conditions that enable you to realize your full potential. We provide state-of-the-art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the dedication of a company that recognizes and rewards extraordinary performance.Our selection process includes an online Talent Exploration that gathers information about your key drivers, your personal RequisitionLocals, motivators and career ambitions. The Talent Exploration enables both you and us to explore if there is a mutual match - not only for today, but also for your future career at ASML.