Security Control & Compliance specialist

Are you a seasoned control & compliance professional and enthusiast, with vast experience in control frameworks, ISMS, or security risk & control management in enterprise environments or as a consultant for the Big Four? In that case, ASML offers you THE opportunity you are looking for in a company of 43.000 employees (and growing), with 144 nationalities and a presence in over 60 worldwide locations, creating cutting edge technology. 

Introduction to the job 

The Security Control & Compliance specialist is responsible for maintaining the Security control framework that protects our organization, while meeting regulatory and industry standards. You ensure that the control framework is reflecting ASML’s risk appetite and helps the company to effectively and efficiently deal with security risks. Furthermore, you will manage and coordinate the lifecycle of controls, drive effective control design and automation. You validate this by ensuring that adequate monitoring capabilities are realized. Together with our Data Analytics & Reporting team, you design and implement effective management reporting and dashboarding capabilities. You flag deviations, escalate to senior management where needed and own and drive the resolution process to completion.  

Role and responsibilities 

• Perform regular audits and compliance assessments to ensure adherence to security standards and policies.

• Collaborate with the incident response team to ensure controls can respond to security incidents effectively.

• Lead efforts to continuously improve the security control framework, incorporating automation where possible.

• Develop clear metrics and KPIs and KRIs to measure control effectiveness and report to stakeholders.

• Ensure control designs are effective by defining clear, measurable control objectives.

• Validate operational effectiveness by continuous monitoring and testing.

• Stay updated on emerging cybersecurity threats and adjust the control framework accordingly.

• Develop strong relations with all levels of the organization, including peers across IT, legal, compliance, internal audit, security and ASML’s sectors. 

In this role you are positioned in the 2nd line Security organization in the Risk & Business Assurance (R&BA) department of ASML Corporate. 

Education and experience 

Experience in internal audit, IT audit, internal control or (SAP) security risk management in multiple (enterprise) environments (or alternatively as a consultant for the Big Four) is a must in this role, as well as having  hands-on experience in implementing an ISMS or general security risk and control frameworks. 

You have excellent influencing and interpersonal skills, being able to further develop Security Risk and control management within ASML by building trusting and long-term relationships. You are tenacious and possess the ability to overcome organizational resistance, as well as the ability to interact across all levels of the organization. 

You are a self-starter, able to operate autonomously with little guidance. Last but not least, you are comfortable in starting up several initiatives at the same time without losing the overview and bigger picture. The ideal candidate will also have:  

• Bachelor's or master's degree in a relevant discipline, e.g., Business Administration, Information technology, Cybersecurity, Internal Auditing, IT management.

• Minimum of 10+ years professional experience with a focus on security, IT auditing, Information Security Management Systems (ISMS).

• Relevant certifications such as CISSP, CISM or CISA.

• Experience with defining and running an internal (security) control framework.

• Deep Knowledge of current security technologies, current and future developments for SAP, in-depth working knowledge of IT Risk/security frameworks and best practices, such as NIST Cyber security framework, ISF Standard of Good Practice for Information Security, IEC 62443, NIST SP 800 30 framework, ISO 27001/2 framework. 

Other information 

Unlocking the potential of people and society by pushing technology to new limits, that is what ASML stands for. Be part of the team that ensures ASML’s purpose can continue to be successful by protecting and securing its physical and digital assets. Join our beyond best in class security team. 

Digitalization is all about data, and data must be trusted for ASML to be successful and deliver top notch technical solutions in the semiconductor industry. ASML’s Security department is therefore seen as pivotal for the success and sustainable growth of ASML. Not only the number of employees, but also its ever-expanding supplier and customer base are demanding beyond best-in-class security. This dynamic and challenging environment requires beyond best-in-class security professionals.  

Are you interested in this role? Please apply with your CV and cover letter, detailing your motivation for this position. ASML is GDPR compliant, therefore we cannot process applications sent outside of our recruitment system. 

This position requires access to controlled technology, as defined in the Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.