In a nutshell
Location
Veldhoven, Netherlands
Team
Legal, Compliance, Risk and Assurance
Work Experience
4-9 years
Educational Background
Computer Science, Other technical backgrounds
Travel
No
Remote Work
Partially
Time Type
Full time
ASML brings together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers – to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics.
The primary responsibilities of the role include, but are not limited to monitoring and analysing Data Leakage Prevention (DLP) incidents to ensure compliance with company policies; understanding a variety of security and compliance policies and incident response processes; exercising sound judgment when determining which events require follow-up response or escalation; working with internal customers to respond to escalations; maintaining incident documentation, analysing incident trends and identifying and translating data leakage risks and proposing remediation actions.
The role shall report to the manager of the Information Security CC.
KEY RESPONSIBILITIES
Essential Responsibilities
You will be performing DLP incident investigations as part of the DLP team to ensure alerts are responded to efficiently and competently. You have close collaboration with the DLP Policy Team in the rules development lifecycle including supporting policy development, response rules, authoring, maintenance, and refinement on an ongoing basis in conjunction with business area stakeholders and security teams.
Collaborating with the other internal (cyber) security teams and DLP incident investigations teams across business sectors is part of the role to ensure alerts are responded to efficiently and competently. You will provide advice, guidance and training to other team members within the centralized team and business sectors on how to use the features and capabilities of the DLP Application for efficient and effective analysis and decision outcomes. You give feedback & support in the design and update of new incident response plans. Addidtionally, you assist in the identification of gaps in maturity in capabilities and propose improvement and plans for future roadmap.
Key Responsibilities:
- Detect DLP incidents and validate events
- Follow up incidents for closure
- Create and optimize playbooks and workflows
- Create Incident Reports and/or Automate Reports for Security Compliance
- Monitoring system scans to ensure high throughput of data generation
- Metrics collection and reporting of details relevant to DLP
- Performs other related duties as assigned
- Other duties as assigned by the Manager
SKILLS
Education
Ideally, the candidate will have a Bachelor’s or Master degree in Information/Cyber Security, or Computer Science, or Engineering discipline.
Knowledge, skills and abilities
- Background in Information/Cyber Security, IT, engineering
- Fluent in English
- Knowledge of privacy and data protection regulatory requirements
- Experience in Manufacturing industry preferred
- Proven effective verbal communication skills
- Proven effective written communication skills leveraged to document policies and standard operating procedures
- Knowledge of incident management processes
Experience
- Preferably 2+ years of Data Loss Prevention (DLP) work experience using Symantec, or equivalent enterprise solutions is required
- An excellent understanding of network and host based DLP technologies, processes, policies and procedures
- Ability to organize and analyse large amounts of data and report findings
- Experience with DLP policy creation, tuning and maintenance, process design, process improvement
- Security work experience and certification is preferred
- Working knowledge of relevant regulatory requirements (e.g., PCI & SOX is highly desirable)
Personal Skills
The role should be able to demonstrate competence in some or all of the following:
- Pro-active and self-motivated with the proven ability to drive results
- Strong stakeholder management skills and capable of doing so at various organizational levels
- Fluent English (written and verbal).Team player and leadership
- Strong in communication, influencing and negotiating skills
- Builder of stakeholder networks
- Able to give direction and good at planning & prioritizing
- Creative when handling problems independently, commitment and flexibility
- Proven effective verbal communication skills
- Proven effective written communication skills leveraged to document policies and standard operating procedures
- Take responsibility and act decisively
- Check and maintain quality
- Manage criticism and demonstrate flexibility