Secondment via YER
About this vacancy
Challenging assignment at one of the most high-tech companies in the world.
ASML is looking for a IT security specialist who is capable of:
- Assess IT projects on technical vulnerabilities and weaknesses from security perspective, and able to translate these into security requirements
- Provide IT security advice to projects and translate the advice into solution architectures where you will work with domain architects and specialists from multiple disciplines.
Your job mission is to assess the scope and deliverables of IT projects within ASML and advise the project managers based on potential security risks within their projects.
You are responsible for assessing IT projects and new IT services on technical vulnerabilities and weaknesses. Supported by ASML processes and tooling. You will also assess IT project deliverables before implementation based on assessments of architectural and detailed designs, workshops and interviews. After assessing the IT projects you will advise on security improvements, additional controls and requirements (technical, procedural, organizational).
Beside this, you will be responsible for, but not limited to:
- Inform project managers upon progress of IT security assessments and hours spend upon project
- Reporting upon KPI’s relevant for the IT security assessment
- Help develop and manage the IT Security policies, standards and baselines conform the IT Security Policy Framework
- Create and advice on re-usable IT security solutions
You will have close contact with security vendors, industry peers and with internal IT colleagues like Specialists, Architects and Project Managers. The IT Security Analyst/Architect reports to the Manager IT Security Architecture Team.
ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth. ASML is headquartered in Veldhoven, the Netherlands.
The IT division supports information management, infrastructure and (automation and optimization) of key business processes across. The ICT infrastructure, hardware and applications are absolutely mission-critical for almost all ASML’s internal and external activities. A sub-department within the IT organization is the IT Competence Center IT Security. IT Security CC protects the IT landscape of all ASML and operates within ASML IT and contributes to the IT Mission: Working together to accelerate ASML in accomplishing its business goals, securely.
You will be employed by YER and seconded to ASML. We offer:
- Good employee benefits (e.g. work-life balance, pension, lease car, bonus model)
- Challenging assignments
- Excellent guidance from your consultant and YER's back office
- Development opportunities, including the YER Talent Development Programme with a personal coach
- Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
- Cooperative and results and relationship-driven
- Friendly atmosphere and open culture
- Community/network with other technology professionals from a variety of multinationals
- Events and master classes with interesting speakers and attractive companies
- Bachelor or Master degree in an IT technical field or equivalent professional experience
- Valid industry certifications such as the Certified Information Systems Security Professional (CISSP) or CISM are a plus
- 3-5 years of experience in Executing Threat and Vulnerability Assessments (TVA) or IT Security risk assessments on complex IT services and applications
- Security knowledge of
o Virtualization technology e.g. Flexpod, ESX, Citrix
o SAP, Oracle, Microsoft
o Network topology, network protocols and network systems
o Experience in ISO 27001 or equivalent is a plus
- Knowledge of Architecture standards and techniques
- Sound understanding of security technologies, best practices, and security policy frameworks
- Strong analytical and conceptual thinking skills
- Excellent English communication skills and dealing with resistance. Command of the Dutch language is a plus
- Able to summarize and communicate technical data to a non-technical audience
- Able to present, advice and convince stakeholders upon the implementation of security requirements
- Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision
- Note: You must be in possession of a valid work permit for The Netherlands