Security Advocate

Become a Security Engineer here and help strengthen the digital resilience of the Netherlands.

Cyber threats are evolving faster than ever. Large organizations in sectors like high-tech, financial services, automotive, and healthcare are facing major challenges:

• • How do you implement Zero Trust in complex hybrid and multi-cloud environments?
• • How do you ensure security in DevOps, CI/CD, and containerized infrastructures?
• • How do you combine speed and security in cloud migrations and automation efforts?
• • How do you comply with NIS2, ISO 27001, and GDPR, without slowing down the business?

As a Security Engineer, you're not a hands-on implementer, but a T-shaped consultant who operates across domains and technologies. You act as a bridge between architecture, operations, development, and compliance. You’ll be working in multidisciplinary teams while contributing your expertise to other domains as well including Cloud Native & Readiness, Automation and Data & AI Acceleration. You’ll be part of a greenfield environment with significant autonomy, where you can pioneer, innovate, and make a real impact on how we shape security. What will you do? As a Security Engineer, you’ll design and implement modern security solutions using the OpenSource and Microsoft Security ecosystems. You’ll be involved in securing SDLC, CI/CD, cloud migration, and also deliver security expertise within data and cloud initiatives. You’ll advise at a strategic level while also contributing hands-on to the technical realization of solutions.

ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world's leading chip manufacturers. ASML's employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth. ASML is headquartered in Veldhoven, the Netherlands.

You will be employed by YER and seconded to our client. We offer:

• Good employee benefits
• Challenging assignments
• Excellent guidance from your consultant and YER's back office
• Development opportunities, including the YER Talent Development Programme with a personal coach
• Intensive support for international candidates (including Dutch lessons, tax-return and accommodation assistance)
• Cooperative and results and relationship-driven
• Friendly atmosphere and open culture
• Community/network with other technology professionals from a variety of multinationals
• Events and master classes with interesting speakers and attractive companies

What do you bring?

You are a pioneer who isn’t afraid to set the course. With a medior to senior level of expertise, you navigate multiple security domains with ease. Whether you have four or twenty years of experience, it’s your vision and mindset that set you apart. You can effectively apply technical concepts like Zero Trust, GRC, and DevSecOps, and translate them into policies, processes, and clear communication for stakeholders. You combine technical depth with strategic insight and play an active role in shaping the security strategies of tomorrow. Your expertise likely touches the following areas:

Identity & Access Management (IAM) & Zero Trust

You understand the critical importance of a reliable and flexible identity model. You can design and implement access models in hybrid and multi-cloud environments from Microsoft Entra ID to alternatives like Okta or Keycloak. Whether it's federation, conditional access, or identity governance, you bring clarity and execution power.

Threat Detection & Incident Response

You know what it takes to make organizations resilient to cyber threats. Whether using Sentinel or Splunk, you set up effective detection and response structures where log sources, alerts, and playbooks work together seamlessly. You’re familiar with XDR and SIEM environments and contribute to both preventive and forensic efforts.

Governance, Risk & Compliance (GRC)

You translate legal and regulatory requirements into pragmatic security measures without hindering business processes. You work with tools for data classification, auditing, and DLP, and support audits and certifications. ISO 27001, GDPR, and NIS2 are familiar territory as are the tools to monitor and enforce compliance.

Cloud Security & DevSecOps

You think “security first” across the entire software lifecycle. You ensure security is a seamless part of the pipeline from infrastructure to container platforms. Whether it’s securing an AKS cluster or implementing IaC with Terraform, you combine automation with control.

Automation, Policy-as-Code & Scripting

Automation is second nature to you. You use scripting languages and policy engines to make security rules repeatable and testable. You thrive in environments where code, security, and governance intersect whether using PowerShell, Python, or OPA.

Communication & Stakeholder Management

Security is only effective if everyone understands it. You make complex concepts accessible to all levels of an organization from DevOps teams to C-level. You're a bridge between technology, policy, and strategy, and contribute actively to knowledge sharing both within YER and with our clients. Certifications & Experience (nice to have) We’re looking for someone with several years of relevant experience in cloud or hybrid security environments.

Certifications such as SC-100, CISSP, or CKA are a plus but not a hard requirement. What matters most to us is your ability to switch between vision and execution, between compliance and technology