Application Information Security Risk Manager

ASML Netherlands B.V.
  • Veldhoven
  • Detachering,  ZZP
  • HBO
  • 40 uur
Jamie van Raaij avatar
Jamie van Raaij senior recruitment consultant

Introduction

ASML is the largest supplier in the world of photolithography systems for the semiconductor industry and manufactures machines for the production of integrated circuits. It is a heavily R&D driven company, and as such, it is critical that we properly safeguard our intellectual property. As an information security manager, you will manage information security risks within the R&D domain, which is a challenging position in an intellectual property-driven enterprise.

R&D Security Risk Management (SRM) operates within the R&D domain, which includes Development & Engineering, System Engineering and all Business Lines. R&D SRM is responsible for keeping information security risks within the R&D risk appetite by identifying and assessing risks, driving risk mitigation and monitoring execution.

In the ASML security governance information security risk management is embedded in the sectors itself via so-called sector Security risk management.

As an information security risk manager you will manage information security risks in the R&D domain, which is a challenging position in an Intellectual Property driven enterprise. Throughout the company multiple disciplines are required to ensure proper identification, mitigation and management of these risks.

As part of this profile you will be responsible for:

  • Advice on information security risk management in the (big) data domain
  • Performance of information security risk assessments on processes and applications
  • Communicate and advise on security risk management in projects and, business and IT partners on information security improvements and requirements.

Job Mission

To be completed

Job Description

Ensure security risks do not exceed the risk appetite by timely identifying and assessing risks and propose mitigating controls conform best practice, policies and standards. Identify gaps, propose improvements and update/create policies, standards, means and methods. Monitor and report adherence to required security controls.

This role focusses on information security in the applications and projects domain by amongst others performing Information Systems Security Assessments over R&D owned applications/information systems. Besides these domains you will be expected to also perform/assist in generic security risk assessments and support the R&D Security Risk Management team as a whole.

  • Advice on information security risk management in the (big) data domain
  • Performing Information Systems Security Assessments, write Information Systems Security Reports and provide guidance to risk owners on management response and mitigation.
  • Contribute to improving means and methods related to our focus domains.
  • Align with other projects and application security competences (IT and Business) within the security community.
  • Perform, advice and follow up on generic risk assessments and identified risks.
  • Drive mitigation of agreed controls
  • Update the D&E security risk register
  • Ensure compliance to security policies and standards
  • Alignment with IT (-security) on controls and activities required.

Functie-eisen

Education

To be completed

Experience

  • 5+ years of relevant experience in information security risk management.
  • Knowledge and experience of Big Data and Big Compute security with relevant modern technologies
  • Strong understanding of data structures
  • Experience with several techniques such as Data Migration, Data Pipelining, Data Mining
  • Experience with Identity and Access Management processes.
  • A bachelor degree or higher and relevant education in Information Security, Audit, Cloud and/or SAP Security.
  • In possession of valid industry certifications (CISM, CISA, CISSP, CRISC, CCSP).
  • In possession of a valid work permit for The Netherlands.
  • Understanding / knowledge / experience in the IT security domain.
  • Experience with the ISO27001 & ISO31000 risk management framework.
  • Affinity with Research and Development processes, way of working and culture.
  • Pro; Knowledge of export regulations.
  • Pro; Able to understand and translate IT threats and vulnerabilities to business risk.

Competenties

Personal skills

  • Strong analytical skills.
  • Communication and stakeholder management skills at different levels of the organization and with outside vendors and service providers.
  • Dealing with resistance and reluctance.
  • Pro-active and self-motivated with the proven ability to drive results.
  • Team player.
  • Excellent communication, influencing and negotiating skills.
  • Fluent English (written and verbal). 

Arbeidsvoorwaarden

  • Project expected duration of 24 months.

Bedrijfsinformatie

Other information

You are based in Veldhoven, the Netherlands. You will be employed in the R&D Security Risk Management (SRM) team which is part of the Development and Engineering Information Management department. You will be reporting to the Application security and project security focus group leads and functionally reporting to the R&D Sector Security Risk Manager.

You are a member of the ASML Security community; collaborating also together with Security Risk Managers in other sectors.

*NO ADDITIONAL INFORMATION AVAILABLE*

Solliciteren

Inclusiviteit en diversiteit

Uiteraard staat deze vacature open voor iedereen die zich hierin herkent. We geloven dat diverse teams van belang zijn voor ons als lerende organisatie, die voorop wil blijven lopen in de wereld van werk. Want juist verschillen tussen mensen zorgen voor groei. Van collega's, klanten, kandidaten en daarmee van Yacht. Heb jij een uniek talent? We ontmoeten je graag.

Jamie van Raaij avatar
Jamie van Raaij senior recruitment consultant

Vragen?

recruiter Jamie van Raaij

Jamie van Raaij

senior recruitment consultant

Het sollicitatieproces

1  van 5

Je sollicitatie en cv worden doorgenomen door Jamie van Raaij

2  van 5

Binnen 5 werkdagen ontvang je een reactie

3  van 5

Is er een match, dan plannen we een persoonlijke kennismaking

We onderzoeken samen jouw ambitie en mogelijkheden

4  van 5

Daarna word je (eventueel) voorgesteld bij onze opdrachtgever

Wanneer de klik er is, ga je starten bij je nieuwe uitdaging!

5  van 5

Afhankelijk van het soort dienstverband (interim, zzp of vast), ontvang je van ons een aanbod