Secondment via YER
About this vacancy
Do you like Information Security Controls, auditing, agreements, and supplier interaction? Come join ASML as an Information Security specialist for Sourcing support.
ASML has many suppliers worldwide of which a subset of them processes ASML data including personal data. For these suppliers security controls are part of the overall agreement. IT Security is involved in this process as Subject Matter Expert for the IT Security Controls that are described in the Security Schedules. IT Security is also involved in the security controls related to Supplier Collaboration Portals like access control, infrastructure security, network connections, and much more.
At the location Veldhoven we are looking for an Information Security Specialist to support Sourcing and/or Legal with knowledge of IT Security Controls.
As Information Security Specialist you will be responsible for:
- Assessing Information Security Controls of suppliers as received in written form
- Assessing risks related to IT Security Controls
- Giving final advice for the risks by writing advice (residual risk)
- Reporting on progress by maintaining your part of the central overview of the progress of the negotiations
- Assess Supplier Collaboration Portals
- Assess Supplier Access Controls
- Manage supplier Self-Assessments and risk identification, GAP priority, and improvement
ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth.
ASML is headquartered in Veldhoven, the Netherlands.
- Good employee benefits (e.g. work-life balance, pension, lease car, bonus model)
- Challenging assignments
- Excellent guidance from your consultant and YER's back office
- Development opportunities, including the YER Talent Development Programme with a personal coach
- Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
- Cooperative and results and relationship-driven
- Friendly atmosphere and open culture
- Community/network with other technology professionals from a variety of multinationals
- Events and master classes with interesting speakers and attractive companies
- Bachelor or Master degree in an IT technical field or equivalent professional experience
- EDP auditor with specialization IT auditing or equivalent
- Valid industry security related certifications such as the Certified Information Systems Security Professional (CISSP) and /or CISA are a plus
- Having Information Security knowledge overseeing the whole ISO27001. In-depth knowledge of each aspect is preferred
- Having a pragmatic approach and can act differently depending on the specific situation (business-aware)
- Knowledge and experience with Security audit frameworks and standards
- Analytical, precise, tenacious, autonomous
- Process minded and Project Management skills
- Diplomatic and good negotiations skills
- Ability to interact with all levels including executives and senior managers
- Ability to build a strong relationship with 3rd parties
- Strong interpersonal, presentation, analytical and statistical sampling skills
- Exceptional written and verbal communication skills are required