Information and SaaS Security Assessor

In a nutshell


Veldhoven, Netherlands

Published: 13 days ago Job ID: J-00261268-528

Introduction to the job

This role will be responsible for performing 2nd line validations related to information security. In addition, the role shallwill also perform security reviews on the cloud (SaaS) applications. The review activities will be performed according to industry best practices, international security standards like NIST, ISO 27001/27002, ISO 31000, and ASML policies and standards.

  • Ensure the internal information security within ASML are designed, implemented, and operating effectively aligned with the company, program and process objectives.
  • Ensure the use of SaaS applications within ASML are aligned with the company’s risk appetite as defined within the policies and standards.

Role and responsibilities

This role will

  • Perform 2nd line validations related to ASML information security service deliverables, taking into account the controls design, implementation, and operating effectiveness
  • Perform monitoring and reporting on the security controls effectiveness
  • Perform security risk and compliance assessments on the new and existing SaaS applications
  • Provide reasonable level of assurance that the internal information security services within ASML and the SaaS applications are aligned with the company’s risk appetite, policies, and standards
  • Propose improvement activities and controls to remediate the identified observations and to reduce the overall security risks against the company
  • Continuously improve the security validations framework
  • Maintain and continuously improve the assessments methodology

Education and experience

  • Bachelor or Master degree or equivalent combination of education and experience.
  • Minimum 4 years professional experience focusing on information security, risk management and compliance
  • Have working experience in performing reviews on internal or external information security services, information security solutions and SaaS applications
  • Have working experience as internal or external IT and Information Security Auditor or Risk Management Officer, is a plus
  • Knowledgeable and have working experience with international security standards or frameworks such as ISO 31000, sssISO27001 and NIST
  • Knowledgeable about the CSA Cloud Control Matrix
  • Information security risk management qualifications like CRISC, CISSP, CISA or CISM, is a plus


Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:

  • Analytical and precise
  • Fluent in both written and spoken English
  • Good communication and organization skills
  • Strong stakeholder management skills and capable of doing so at various organizational levels
  • Pro-active and highly-motivated to drive results
  • Team player, accompanied by good leadership traits

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

The position is based out of the Information Security Competence Center reporting to the Manager which is reporting hierarchically and functionally to the CISO of ASML.

Need to know more about applying for a job at ASML? Read our frequently asked questions.

Learn more about this job