Server Security Specialist

Doorsturen
 
  • Vakgebied IT
  • Dienstverband Fulltime
  • Vacaturenummer VAC-10021824
  • Locatie Veldhoven
  • Type overeenkomst Secondment via YER, Interim/independent
  • Branche IT & Telecom

Over deze vacature

Introduction to the job

We are seeking a colleague who is a security expert within the Server domain and who is able to interact with senior management level, but also with engineers upon security within the Server domain. Will you join us to assure an adequate level of protection is maintained for ASML’s worldwide network and 40.000+ connected assets? We would like to welcome you to join us on our security journey.

As Security specialist Servers you will be responsible to set up and maintain security policies, standards, and hardening guidelines for Servers and their used OS’ s, including Virtual environments (VM’s). This for existing technology, but also for new technology introduced in the scope of this function.

The ASML employee currently fulfilling this job has found another job internal ASML as per 1-4-2022. We are seeking a temporary fulfillment of this job. In the next months, this job will be transferred to IT as part of a new IT security Organisation.

Functie

Role and responsibilities

As Security specialist Servers you will assess current protection level of the network connected Servers (hardware, OS’s and their configuration) and the compliance towards ASML policies and legal obligation (e.g. SOX). As Security Specialist Servers you will support workplace management, ESP’s , projects, Agile teams and other initiated activities to assure an adequate protection level of the servers connected to ASML infrastructure. The Security Specialist Servers security will monitor and report upon compliance and will coordinate and support root cause analysis related to server security incidents and other detected noncompliance situations. Where applicable (s)he support investigations / computer forensics activities and support pen tests upon servers and their OS level.

Focus will be on security of:

  • Physical Servers and their OS’s and relevant server features
  • Virtual Machines and their OS’s and relevant server features
  • Hypervisors and relevant server features
  • Assess and report upon the current state of compliance and risk level
  • Support Pen tests and computer forensics where applicable (the core activities, outputs expected of the role, regulatory & legal requirements)
  • Responsible to assure that Security, BCM and legal requirements are effectively covered within System / OS security policies and standards and followed by projects and 3rd parties / service providers
  • Responsible to advice on security improvements and (additional) security controls on Servers, VM’s and their OS ‘s based upon and related to new technology developments, audit results, incidents, risk assessments and other lessons learned
  • Initiate, prepare, execute and report upon security assessment (e.g. verifications, checks, tests, audits) within your domain
  • Support pen tests upon (parts of) ASML’s infrastructure and support / coordinate computer forensics
  • Monitor and report upon compliance and protection level of Servers including risks
  • Initiate, monitor and report upon appropriate corrective actions to mitigate the detected non-compliance situation
  • Support other team members within the Technology Security team

Bedrijf

ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth.

ASML is headquartered in Veldhoven, the Netherlands.

Aanbod

You will be employed by YER and seconded to ASML. We offer:

  • Good employee benefits
  • Challenging assignments
  • Excellent guidance from your consultant and YER's back office
  • Development opportunities, including the YER Talent Development Programme with a personal coach
  • Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
  • Cooperative and results and relationship-driven
  • Friendly atmosphere and open culture
  • Community/network with other technology professionals from a variety of multinationals
  • Events and master classes with interesting speakers and attractive companies

Profiel

EXPERIENCE

  • More than 5-10 years’ experience with management and security of servers and OS’s (e.g. Windows, Linux/Unix / VM), (Must)
  • Experience with supporting and conducting (automated) security assessments, pentests and forensic investigation related to Servers and their OS’s/ features is a pre.
  • Experience with security and the Life Cycle Management stages of a servers and it’s OS.(Must)
  • Experience with automated compliance verification of Servers (On premise and in the cloud) (Must)
  • Experience with Agile / SAFe framework is a pre
  • Having a security certificate (e.g. CISSP, CISA) or any other relevant security certificate is a preference. (Must)

KNOWLEDGE AND EDUCATION

  • Having up-to-date and latest certificates related to Microsoft Servers, Linux and other server OS’s is a must
  • Relevant Microsoft Certifications
  • Relevant UNIX / LINUX certifications
  • Cloud technology (Azure, WBS, Google)

Deep technical knowledge of: 

  • Hardware of servers)
  • Operation Systems (OS) (e.g. Windows / UNIX / Linux / VMware….)
  • OS related software such as: anti-virus, Host IPS (HIPS), EDR
  • Knowledge and experience with assessing, monitoring and reporting upon compliance
  • KPI definition and reporting upon KPI’’s
  • Perform structured and controlled security assessments to determine the effectiveness of implemented protection mechanism and security controls
  • Documentation and presentation of results, conclusions and proposals

Familiar with industry security best practices / framework such as:

  • CIS Standards
  • ISO 27001
  • COBIT/ ITIL
  • SANS Top 20
  • NIST standards
  • Other relevant industry standards

Skills

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems. To thrive in this job, you’ll need the following skills:

  • Analytical, precise, tenacious, autonomous
  • Familiar with local laws and legislation incl. Sarbanes Oxley
  • Ability to interact with all levels including executives and senior managers
  • Strong interpersonal, presentation, analytical and statistical sampling skills
  • Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
  • Exceptional written and verbal communication in skills Dutch and English are required
  • Flexibility to travel 10% (depends on location)
Doorsturen