IT Security specialist for Supplier Security
Veldhoven, Building 07, Netherlands
Applications have closed
ASML
ASML gives the world's leading chipmakers the power to mass produce patterns on silicon, helping to make computer chips smaller, faster and greener.Job Title
IT Security specialist for Supplier SecurityDegree:
MasterWork Experience:
4-9 yearsTravel:
10%Workplace Types:
On-SiteJob Description:
Introduction to the job
Do you like Information and Cyber Security Controls, auditing and contract negotiating within a Sourcing & Procurement (S&P) environment? Come join ASML as a Senior Specialist Supplier Security to support Supplier Security.
Supplier Security is a team that does security for the sector S&P and also P&D like assessing applications, awareness, risk management and more (internal focus). Supplier Security also assesses, improve and monitor suppliers of ASML (external focus).
Role and responsibilities
• Supplier Security policy/standard (together with team):
o Update the supplier security policy and supplier security standard based on experience, relevant trends from outside and law/regulations
• Information Security at suppliers (your role):
o Assessing IT Security Controls of suppliers as received in written form (self-assessment and onsite assessments)
o Assessing risks related to IT Security Controls
o Giving a final advice for the risks by writing an advice (residual risk)
o Drive improvement of suppliers
• Cyber Security at suppliers (together with cyber specialist): Assessing and improving Cyber Security risks at suppliers identified by our Cyber Security Tool
• Master classes for PR and NPR suppliers (your role to give input, together with team):
o Use issues identified during information security assessment and cyber security at suppliers to develop master classes to improve suppliers in 1 to many events
• Cyber incidents at suppliers (your role to support, together with team):
o Be the senior specialist to guide/support cyber incidents at a supplier and report/communicate with S&P stakeholders
• Contracting suppliers (together with team): Reporting on progress by maintaining your part of the central overview on progress of the negotiations for security controls
• Dashboarding/reporting (your role):
o For all activities dashboard and reports are generated at fixed moments. The manager supplier security creates/is fully informed about the content and makes sure that these dashboards/reports are timely, complete and accurate
Education and experience
• Master degree in an IT technical field or equivalent professional experience
• IT auditor or equivalent certification (par example CISA)
• Valid industry security related certifications such as the Certified Information Systems Security Professional (CISSP)
Experience:
• Overseeing the whole ISO27001 version 2021 with in-depth knowledge of each aspect is preferred
• Having Information and Cyber Security knowledge on a management level and being able to be a counterpart for Subject Matter Experts
• Having a pragmatic approach and can act differently depending on the specific situation (context aware)
• Knowledge and experience with Security audit frameworks and standards
Skills
Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:
• Analytical, precise, tenacious, autonomous
• Process minded and Project Management skills
• Diplomatic and good negotiations skills
• Ability to interact with all levels including executives and senior managers
• Ability to build a strong relationship with suppliers
• Strong interpersonal, presentation, analytical and statistical sampling skills
• Exceptional written and verbal communication skills are required
Diversity and inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Other information
At ASML we invent, develop and manufacture world-leading high tech lithography machines for our chip making customers. These tailor-made machines can image billions of structures in a few seconds with an accuracy of a few silicon atoms. Our headquarters are located in the heart of the Eindhoven region, also known as ‘Brainport’, Europe’s top tech hub.
The S&P department supports the processes related to sourcing and processing of parts to build those lithography machines. A sub-department within S&P is Sourcing Support that has team that deals with Supplier Security and Security Risk Management for S&P. The Information and Cyber Security Specialist reports to the Manager for Supplier Security.
This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.
EOE AA M/F/Veteran/Disability
Need to know more about applying for a job at ASML? Read our frequently asked questions.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits C CISA CISSP ISO 27001 Risk management Security assessment
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open PowerShell-related jobs
- Open SQL-related jobs