Security Risk Manager/Cybersecurity
Wilton CT Offices, USA
Applications have closed
ASML
ASML gives the world's leading chipmakers the power to mass produce patterns on silicon, helping to make computer chips smaller, faster and greener.Introduction to the Job
ASML US, including its affiliates and subsidiaries, bring together the most creative minds in science and technology to develop lithography machines that are key to producing faster, cheaper, more energy-efficient microchips. We design, develop, integrate, market and service these advanced machines, which enable our customers - the world’s leading chipmakers - to reduce the size and increase the functionality of their microchips, which in turn leads to smaller, more powerful consumer electronics. Our headquarters are in Veldhoven, Netherlands and we have 18 office locations around the United States including main offices in Chandler, Arizona, San Jose and San Diego, California, Wilton, Connecticut, and Hillsboro, Oregon.
The mission of the Information Management department is to unleash Research and Development’s (R&D) full potential by maximizing productivity. As a Security Risk Manager, you will be part of a creative and dynamic team that collaborates to solve challenges that impact the R&D organization.
Role and Responsibilities
This role focuses on information security risks, supporting Development & Engineering (DE), Business Line Applications, Corporate Intellectual Property, Research and System Engineering. You will ensure that information security risks do not exceed our risk appetite by identifying and assessing risks – recommending mitigating controls from our security framework. You will be the first point of contact on security risks related to the R&D organization.
This role will have a wide range of internal interfaces with multiple IT teams, Legal and Risk/Business Assurance, Customer Support and Operations. You will also interface with other programs, projects and agile teams – as well as R&D team members based out of Europe.
As a Security Risk Manager/Cybersecurity, you will:
- Perform information security risk assessments on new initiatives; lead architectural design reviews, recommending mitigating controls and driving their implementation
- Routinely align with other security competences within the security community on risks linked to R&D information assets
- Build your own reference network and use the networks of others to generate support and activate stakeholders throughout the R&D organization
- Ensure compliance with all security policies and standards, including regulations focused on controlled technology
- Perform generic risk assessments and/or arrange penetration tests on existing applications; registering risks, recommending controls and driving the mitigation of those controls
- Actively participate in global security project initiatives, providing input from a US perspective to ensure a successful implementation
- Support the development of trainings to successfully embed security awareness within the R&D organization
Education and Experience
To help us tackle the technical challenges we face, you will need experience working on high-tech products and with complex processes.
As a Security Risk Manager/Cybersecurity, you will need:
- Bachelor’s Degree in Information Security, Cybersecurity, Risk, Audit or combination of education and/or equivalent related work experience
- 5+ years of relevant experience in information security risk management
- A strong background in IT or proven relevant experience in the IT security domain
- Proven experience with ISO27001/NIST frameworks, industry standards and best practices
- Preferred security certifications (e.g. CRISC, CISSP/CISM, CISA, etc.) but not required
- Knowledgeable in networking and firewall concepts
- Experience working within DevOps environments a plus
Skills
Working at the cutting edge of tech, you will always have new challenges and new problems to solve – and working together is the only way do that. You will not work in a silo. Instead, you will be part of a creative, dynamic work environment where you will collaborate with supportive colleagues. There is always space for creative and unique points of view. You will have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you will need the following skills:
- Results driven. Demonstrates ownership and accountability, following through on assignments with minimal supervision
- Strong communications skills, with the ability to influence, negotiate and build consensus with key stakeholders
- Strong analytical and problem-solving skills with attention to detail
- Ability to understand and translate information security threats and vulnerabilities into business risk for stakeholders
- Ability to work both independently and in a team environment where flexibility, creativity and commitment are important
- Ability to think strategically for long-term vision in terms of culture, behavior, business processes and tools, yet can tailor solutions to be fit-for-purpose and deliver quick wins
- Continuous learner with a passion for staying ahead of security trends and technologies
Other Information
- This position is located on-site in Wilton, Connecticut. It requires onsite presence to attend in-person work-related events, trainings and meetings and to further ensure teamwork, collaboration and innovation
- A flexible workplace arrangement may be available to employees working in roles conducive to remote work (up to 2 days a week)
- Occasionally lift and/or move up to 20 pounds
- Specific vision abilities required by this job include close vision, color vision, peripheral vision, depth perception and ability to adjust focus
- Must be willing to work in a clean room environment, wearing coveralls, hoods, booties, safety glasses and gloves for entire duration of shift
- While performing the duties of this job, the employee routinely is required to sit; walk; talk; hear; use hands to keyboard, finger, handle and feel; stoop, kneel, crouch, twist, reach and stretch
This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.
Diversity and inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Need to know more about applying for a job at ASML? Read our frequently asked questions.
Request an Accommodation
ASML provides reasonable accommodations to applicants for ASML employment and ASML employees with disabilities. An accommodation is a change in work rules, facilities, or conditions which enable an individual with a disability to apply for a job, perform the essential functions of a job, and/or enjoy equal access to the benefits and privileges of employment. If you are in need of an accommodation to complete an application, participate in an interview, or otherwise participate in the employee pre-selection process, please send an email to USHRServiceCenter@asml.com to initiate the company’s reasonable accommodation process.
Please note: This email address is solely intended to provide a method for applicants to initiate ASML’s process to request accommodation(s). Any recruitment questions should be directed to the designated Talent Acquisition member for the position.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile C CISA CISM CISSP Compliance CRISC DevOps Firewalls ISO 27001 NIST NIST Frameworks R&D Risk assessment Risk management Vulnerabilities
Perks/benefits: Flex hours Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.