Secondment via YER
IT & Telecom
About this vacancy
This role will be deputed to the Corporate Sector in ASML to strengthen their Security Risk Management function on a temporary basis.
ASML has a security governance where security risk management is embedded on sector level. The Security Risk Manager drives risk identification and risk mitigation within his/her responsibility area in close cooperation with the Sector Security Risk Manager.
Ensure security risks stays within the risk appetite by timely identification of security risks, performing risk assessments and drive risk mitigation including monitoring and reporting on progress.
Identify risks and perform/facilitate risk assessments.
Drive mitigation of risks; propose mitigating controls in accordance with sector risk appetite and drive implementation and use.
Keep track of risks and their status in the sector security risk register and report to stakeholders; have a clear oversight on the status of current security controls for the sector.
Stakeholder management: ensure awareness and ownership of risks/mitigations.
Ensure compliance to security policies and standards.
Align with IT security department on IT specific aspects of risk assessments.
Keep up with relevant international legislation, emerging threats, forecasts, policies and benchmarks.
ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth.
ASML is headquartered in Veldhoven, the Netherlands.
You will be employed by YER and seconded to ASML. We offer:
- Good employee benefits (e.g. work-life balance, pension, lease car, bonus model)
- Challenging assignments
- Excellent guidance from your consultant and YER's back office
- Development opportunities, including the YER Talent Development Programme with a personal coach
- Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
- Cooperative and results and relationship-driven
- Friendly atmosphere and open culture
- Community/network with other technology professionals from a variety of multinationals
- Events and master classes with interesting speakers and attractive companies
- Bachelor/Master degree or equivalent combination of education and experience.
- Minimum of 5 years of relevant experience in information security risk management.
- Experience with the ISO27001/2 risk management framework/control.
- An understanding of the IT security domain.
- Basic project management experience
- Information security risk management qualifications like CRISC, CISSP, CISA or CISM
- Strong analytical skills.
- Ability to translate threat, vulnerabilities and risks to business stakeholder level and to drive risk mitigation, dealing with resistance and risk appetite.
- Pro-active and self-motivated with the proven ability to drive results.
- Strong stakeholder management skills and capable of doing so at various organizational levels
- Fluent English (written and verbal).Team player and leadership.
- Strong in communication, influencing and negotiating skills.
- Builder of stakeholder networks
- Able to give direction and good at planning & prioritizing.
- Creative when handling problems independently, commitment and flexibility.
Context of the position
- The person selected shall be based out of Veldhoven reporting to the Manager, Information Security Competence centre. However the role is deputed within the Corporate Sector and shall functionally work for the Corporate Sector under the guidance of the Manager, Corporate Sectors.
- The corporate sectors in scope include amongst others Finance, HR, Legal, Communication, Tax, Treasury, Marketing, Global Quality and Enterprise Management Systems.