IT Security specialist for Supplier Security

Job Title

IT Security specialist for Supplier Security

Degree:

Master

Work Experience:

4-9 years

Travel:

10%

Workplace Types:

On-Site

Job Description:

Introduction to the job

Do you like Information and Cyber Security Controls, auditing and contract negotiating within a Sourcing & Procurement (S&P) environment? Come join ASML as a Senior Specialist Supplier Security to support Supplier Security.

Supplier Security is a team that does security for the sector S&P and also P&D like assessing applications, awareness, risk management and more (internal focus). Supplier Security also assesses, improve and monitor suppliers of ASML (external focus).

Role and responsibilities

•    Supplier Security policy/standard (together with team):
o    Update the supplier security policy and supplier security standard based on experience, relevant trends from outside and law/regulations
•    Information Security at suppliers (your role): 
o    Assessing IT Security Controls of suppliers as received in written form (self-assessment and onsite assessments)
o    Assessing risks related to IT Security Controls
o    Giving a final advice for the risks by writing an advice (residual risk)
o    Drive improvement of suppliers
•    Cyber Security at suppliers (together with cyber specialist): Assessing and improving Cyber Security risks at suppliers identified by our Cyber Security Tool
•    Master classes for PR and NPR suppliers (your role to give input, together with team):
o    Use issues identified during information security assessment and cyber security at suppliers to develop master classes to improve suppliers in 1 to many events
•    Cyber incidents at suppliers (your role to support, together with team):
o    Be the senior specialist to guide/support cyber incidents at a supplier and report/communicate with S&P stakeholders
•    Contracting suppliers (together with team): Reporting on progress by maintaining your part of the central overview on progress of the negotiations for security controls
•    Dashboarding/reporting (your role):
o    For all activities dashboard and reports are generated at fixed moments. The manager supplier security creates/is fully informed about the content and makes sure that these dashboards/reports are timely, complete and accurate

Education and experience

•    Master degree in an IT technical field or equivalent professional experience
•    IT auditor or equivalent certification (par example CISA) 
•    Valid industry security related certifications such as the Certified Information Systems Security Professional (CISSP)

Experience:

•    Overseeing the whole ISO27001 version 2021 with in-depth knowledge of each aspect is preferred
•    Having Information and Cyber Security knowledge on a management level and being able to be a counterpart for Subject Matter Experts
•    Having a pragmatic approach and can act differently depending on the specific situation (context aware)
•    Knowledge and experience with Security audit frameworks and standards

Skills

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:
•    Analytical, precise, tenacious, autonomous
•    Process minded and Project Management skills
•    Diplomatic and good negotiations skills
•    Ability to interact with all levels including executives and senior managers
•    Ability to build a strong relationship with suppliers
•    Strong interpersonal, presentation, analytical and statistical sampling skills
•    Exceptional written and verbal communication skills are required
 

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

At ASML we invent, develop and manufacture world-leading high tech lithography machines for our chip making customers. These tailor-made machines can image billions of structures in a few seconds with an accuracy of a few silicon atoms. Our headquarters are located in the heart of the Eindhoven region, also known as ‘Brainport’, Europe’s top tech hub. 

The S&P department supports the processes related to sourcing and processing of parts to build those lithography machines.  A sub-department within S&P is Sourcing Support that has team that deals with Supplier Security and Security Risk Management for S&P. The Information and Cyber Security Specialist reports to the Manager for Supplier Security.
 

This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

EOE AA M/F/Veteran/Disability

Need to know more about applying for a job at ASML? Read our frequently asked questions.