In a nutshell
Location
Veldhoven, Netherlands
Team
Legal, Compliance, Risk and Assurance
Work experience
4-9 years
Educational background
Computer Science, Other technical backgrounds, Other non-technical backgrounds
Travel
10%
Workplace type
Hybrid
Fulltime/parttime
Full time
Introduction to the job
The Security Control & Compliance Specialist is responsible for maintaining and enhancing ASML’s security control framework to ensure effective risk mitigation and compliance with internal standards and external regulations. The role focuses on defining and deploying controls, coordinating control monitoring activities, and supporting the development of dashboards and reporting capabilities that measure control effectiveness.
This position requires strong collaboration with stakeholders across the business, excellent communication skills, and the ability to translate control requirements into practical actions.
Role and responsibilities
Control Framework Management
Define, update, and maintain ASML’s security control framework.
Deploy controls across the organization and ensure clear ownership and understanding.
Ensure control designs include measurable, risk‑aligned objectives.
Control Monitoring & Assessments
Coordinate 1st line control self‑assessments and 2nd line control testing activities.
Develop, review, and maintain control self‑assessment questions and testing scripts.
Review control attestation and validate operational effectiveness through continuous monitoring.
Track findings and follow‑up actions to closure, ensuring completeness and timely resolution.
Reporting & Metrics
Work with Data Analytics & Reporting teams to design and maintain dashboards for control effectiveness.
Define and implement KPIs and KRIs related to control performance and maturity.
Escalate deviations where required and provide clear, structured reporting to stakeholders and management.
Stakeholder Collaboration
Build and maintain strong working relationships with key stakeholders (IT, Security, Compliance, Legal, Internal Audit, and business sectors).
Translate control requirements into practical guidance and support for the organization.
Promote a culture of accountability and continuous improvement within control execution.
Continuous Improvement
Stay up to date with emerging security, technology, and regulatory developments and incorporate them into the framework.
Support control automation and tooling enhancement initiatives.
Contribute to the maturity of Security Risk & Control Management within ASML.
Education and experience
Required
Bachelor’s or Master’s degree in Business Administration, Information Technology, Cybersecurity, Internal Auditing, or a related field.
5–10 years of experience in internal audit, IT audit, internal controls, or (SAP) security risk and control management in enterprise environments or consulting.
Hands‑on experience with ISMS implementation or security risk and control frameworks.
Proven experience defining, implementing, and managing internal or security control frameworks.
Good understanding of IT processes, cybersecurity concepts, and control testing methodologies.
Preferred
Certifications such as CISA, CISM, or CISSP.
Experience with frameworks such as NIST CSF, ISO 27001/2, ISF SOGP, IEC 62443, or NIST SP 800‑30.
Familiarity with SAP security controls and security technologies.
Skills
Technical Skills
Strong knowledge of IT and security control frameworks.
Experience in control lifecycle management (design → deployment → monitoring → attestation).
Ability to interpret risk assessments and translate them into control requirements.
Capability to work with dashboards, KCIs, KRIs, or other reporting tools.
Behavioral Skills
Strong team player with excellent communication skills.
Ability to collaborate with diverse stakeholders across all levels.
Proactive, self‑starting mindset with solid organizational skills.
Ability to manage multiple topics while maintaining oversight of priorities and long‑term objectives.
Constructive influencer with the ability to navigate differing perspectives and drive alignment.
Inclusion and diversity
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that inclusion and diversity is a driving force in the success of our company.
Need to know more about applying for a job at ASML? Read our frequently asked questions.