Security Risk Manager

  • Vakgebied IT
  • Dienstverband Fulltime
  • Vacaturenummer VAC-10020182
  • Locatie Veldhoven
  • Type overeenkomst Secondment via YER, Interim/independent
  • Branche IT & Telecom

Over deze vacature

The security risk manager, in the security governance & risk team, is responsible for:

  • Supporting the development and maintenance of Security Risk Management means and methods to be applied across Sectors, including the implementation of a GRC Tool
  • Support the CSMR connecting the SRMs community across sectors/function
  • Support the consolidation and aggregation of security risk and report to the CISO/CRC.
  • Support the IT SRM (and CSRM where needed) in performing Risks analysis, assess the coherence and dependencies and propose mitigating measures
  • Support the coordination Risk horizon workshop and RLOS (Risk Line of Sight) meeting with Executive (Planning, sharing, coordinating and follow up activities)


Role and responsibilities

As a risk management specialist in the central security risk management team you are responsible for ensuring that the security risk management sectors can collaborate effectively and have the means available to report to their stakeholders in an effective manner. You will work with the team on defining and formalizing the means and methods used by the security risk management community.

Your responsibilities include, but are not limited to:

  • Align risk reporting requirements of multiple stakeholders
  • Advise on security risk management topics and implementation of means and methods of security risk management. Helping to lift the security risk management competence to a higher maturity level
  • Support in the creation of dashboards and periodic reports on the status of risk management activities to (senior) management
  • Contribute to priority setting on security roadmap initiatives using a risk based approach
  • Assist in the establishment and implementation of risk management frameworks
  • Collaborate with stakeholders within the risk & business assurance community on implementing tooling to support governance, risk and compliance processes


ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth. ASML is headquartered in Veldhoven, the Netherlands.


You will be employed by YER and seconded to ASML. We offer:

  • Good employee benefits
  • Challenging assignments
  • Excellent guidance from your consultant and YER's back office
  • Development opportunities, including the YER Talent Development Programme with a personal coach
  • Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
  • Cooperative and results and relationship-driven
  • Friendly atmosphere and open culture
  • Community/network with other technology professionals from a variety of multinationals
  • Events and master classes with interesting speakers and attractive companies

Freelancer welcome to apply!


Education and experience

  • Bachelor level position with a focus on information security and/or business management
  • 6+ years of experience working in a risk management role. Preferably within a large high tech organization
  • 6+ in a (Big4) consultancy organization
  • CISA, CISM, CISSP, CRISC, ISO2700/1/2, ISO31000 knowledge and/or certification is a big plus
  • Experience in developing risk control frameworks
  • Experience in stakeholder management & communicating with senior management
  • Experience in process design
  • Experience with ServiceNow GRC tooling is a plus


  • Ability to hit the ground running and come with proposals from day one
  • Great communication skills
  • Highly motivated and with demonstrable leadership attributes
  • Outstanding analytical and critical thinking skills, focused on Risks
  • Extremely diligent and attentive to details
  • Effective communicator at all levels with excellent writing skills
  • Ability to cope under pressure and balancing multiple priorities