Security Engineer/Architect

Core Profile:

ASML is the largest supplier in the world of photolithography systems for the semiconductor industry and manufactures machines for the production of integrated circuits. It is a heavily R&D driven company, and as such, it is critical that we properly safeguard our intellectual property. As a security engineer in the Metrology and Machine Control cluster, you can use your knowledge and creativity to protect the intellectual property of a company that drives the future of the lithography.

Job Description:

As a security engineer of a DevSecOps team you will be working on and improving the security of the products owned by the Metrology cluster. Together with your peers you will:
 

• assess the security perimeters and create threat models
• develop alerting and detection strategies of any unusual behavior
• proactively identify and reduce security risks
• define security requirements and propose solutions that strengthen the security perimeters such they are in line with the industry regulations and security best practices
• assess off-the shelf tools and integrate them if needed in the existing solution
• educate cross-functional product teams on security best practices
• provide advice on vulnerabilities or potential vulnerabilities within architecture of the cloud-based products your team develops
• focus on continuous improvement through automation and critical thinking

Required skills:

• in-depth knowledge of network security protocols and different technologies
• strong understanding of encryption algorithms, cryptographic protocols and network defense tactics and strategies
• excellent problem-solving and analytical skills to identify and address security vulnerabilities
• continuous learning mindset to stay up-to-date with the evolving security landscape and emerging technologies.

Experience:

• 15+ years relevant job experience
• Master or Bachelor degree and relevant education in Information Security.
• Knowledge of standards, polices and frameworks is preferred (more is better): CIS, MITRE, CCPA, ISO, NIST
• Comprehensive knowledge of (more is better) TerraFrom, GitHub Actions, Ansible, Go, Black Duck, Artifactory, Xray
• Familiarity with API, container and GCP Cloud security
• Knowledge of Identity and Access Management processes, ISO31000 and (US) export regulations is a plus
• In possession of a work permit for the Netherlands

Context of the position

You will be based in Veldhoven and be employed in the Innovation and DevSecOps group within the D&E Metrology and Machine Control cluster. You will become member of the Metrology development community and the ASML Security community, working closely with both the metrology engineers and D&E Security risk managers.

This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

EOE AA M/F/Veteran/Disability

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.