You can withdraw your consent at any time on our cookie consent page.Configure your cookie settings and confirm to save your settings. You can withdraw or change your consent at any time on our cookie consent page.
Security Risk Manager
Legal, Compliance, Risk and Assurance
In a nutshell
Legal, Compliance, Risk and Assurance
Other technical backgrounds
Introduction to the job
ASML US brings together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers - to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics. Our headquarters are in Veldhoven, the Netherlands, and we have 18 office locations around the United States including main offices in Chandler, Arizona, San Jose and San Diego, California, Wilton, Connecticut, and Hillsboro, Oregon.
Always wanted to work together with local (Customer Support) teams, solving security issues together with our external customers?
The US Security Risk Manager aligns security requirements from ASML with our customers and helps ASML engineers in any security issue.
Each sector, business line and country is accountable and responsible for managing ASML’s key risks and controls, enabling ASML to achieve its vision, mission and business objectives responsibly. To be in control, each sector, business line and country identifies and assesses key risks, designs and implements responses. Then Monitoring and reporting on risks and effectiveness of responses within their respective sector, business line or country.
The CS US Security Officer will be responsible for the protection of ASML’s information and assets, and that of ASML’s customers and suppliers within the US region, through the alignment of ASML Information Security strategies and policies while interfacing with the Business, and enforcing system and application security controls. This position will continuously assess and report on security, operational, process, and physical threats to regional ASML systems, networks, and the Intellectual Property of ASML and its customers.
This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.
Role and responsibilities
Be the US Customer Support (CS) representative to manage risks relating to the leakage of company secret information, the leakage of customer confidential information and the disruption of non-manufacturing operations.
Be the Information Security single point of contact and representative in the US CS ASML region for any Information/Customer security related topics or issues.
Build excellent working relationships with ASML business units championing security risk management within assigned region.
Work cross sectorally with other Security Risk Managers (SRM’s) to assess and manage risks across the sectors.
Assess and mitigate the risks associated to the ASML regional network, systems and processes to provide a safe and secure environment.
Evangelize Information Security polices and raise Security awareness knowledge to foster an attitudinal change in Security knowledge, process, and requirements.
Support ASML Cyber Defense Center (CDC) activities and ensure 7/24/365 response on any major IT security incidents in U.S. region.
You are part of the worldwide SRM team responsible to manage and assess risks to CS.
Collects CS security requirements and align ASML security requirements with customer(s).
Creates Information Security awareness.
Perform ASML Incident Management for security related to CS incidents/issues.
Responsible for the protection of Customer Information related to CS.
Performs Risk Management for CS.
Creates and maintain Security policies for CS.
Maintains a large network with the area of responsibilities within CS.
Education and experience
Bachelor degree or equivalent experience.
CISSP/CISM or comparable certification preferred.
IT Risk assessment frameworks e.g.
CSC Top 18 Controls.
NIST SP 800 30 framework.
ISO 27001 framework.
MITRE ATT&CK Matrix knowledge a plus.
Flexibility to 25% travel.
More than 5 years’ experience, preferred, as an IT Security professional in:
Conducting Security Gap Assessments.
Communicating with Stake holders and Senior management.
Translating the output of security assessment into security baseline/plan for the IT service.
Security Awareness training for executive and employees.
Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:
Can observe and respond to people and situations and interact with others encountered in the course of work.
Can learn and apply new information or skills.
Must be able to read and interpret data, information, and documents.
Strong customer focus and commitment to customer satisfaction through prioritization, quality, efficiency and professionalism.
Ability to complete assignments with attention to detail and high degree of accuracy.
Proven ability to perform effectively in a demanding environment with changing workloads and deadlines.
Result driven-demonstrate ownership and accountability.
Identifies bottlenecks and drives improvements.
Work independently or as part of a team and follow through on assignments with minimal supervision.
Demonstrate open, clear, concise and professional communication.
Ability to establish and maintain cooperative working relationships with manager, co-workers and customer.
Work according to a strict set of procedures within the provided timelines.
Able to operate independently.
Ability to interact with all levels including engineers, executives and senior managers.
Deep technical knowledge of Information Security.
Ability to overcome organizational resistance.
Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments.
Analytical, precise, tenacious, autonomous.
Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Role within Office
Routinely required to sit; walk; talk; hear; use hands to keyboard, finger, handle, and feel; stoop, kneel, crouch, twist, reach, and stretch.
Occasionally required to move around the campus.
Occasionally lift and/or move up to 20 pounds.
May require travel dependent on business needs.
Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception, and ability to adjust focus.
EOE AA M/F/Veteran/Disability
Need to know more about applying for a job at ASML? Read our frequently asked questions.