Senior DevSecOps Engineer

Veldhoven, Building 03, Netherlands

ASML

ASML gives the world's leading chipmakers the power to mass produce patterns on silicon, helping to make computer chips smaller, faster and greener.

View all jobs at ASML

Apply now Apply later

Introduction to the job

We are seeking a hands-on DevSecOps Engineer to elevate security within our software development lifecycle by embedding robust, automated security practices across our CI/CD pipelines. In this role, you will integrate security controls, enhance compliance, and collaborate closely with cross-functional teams to build a secure DevOps culture. Ideal candidates are passionate about automation, experienced in Java-based applications, and skilled in implementing security solutions that scale.

Role and responsibilities

  • Integrate security tools like SAST, DAST, and SCA (SonarQube, Checkmarx, OWASP ZAP, BlackDuck) directly into CI/CD pipelines 9 Bitbucket), enabling early detection of vulnerabilities.

  • Implement automated security testing and compliance checks to support continuous integration, using tools such as SonarQube and OWASP ZAP.

  • Establish and manage secure, scalable solutions for secrets management, utilizing tools like HashiCorp Vault and GitGuardian.

  • Ensure best practices in cloud (GCP) and containerized environments (Docker, Kubernetes), securing deployment and runtime configurations.

  • Implement and monitor security alerts to respond swiftly to security incidents, minimizing potential impact.

  • Collaborate with development , operations and security teams to prioritize security, offer guidance on best practices, and drive awareness of secure coding standards.

Education and Experience

  • A Bachelor or Master degree in a technical field

  • 3+ years of experience in DevSecOps or similar roles.

  • Strong Java development background with secure coding experience; Python experience is a plus.

  • Hands-on experience with SAST, DAST, and SCA tools (e.g., SonarQube, Checkmarx, OWASP ZAP, Trivy).

  • Proficiency in CI/CD pipelines and infrastructure-as-code tools (e.g., Terraform, Ansible).

  • Expertise in cloud and container security (e.g., AWS, Docker, Kubernetes).

  • Familiarity with standards, policies, and frameworks (e.g., CIS, MITRE, CCPA, ISO, NIST).

  • Knowledge of compliance standards (EU CRA, SOC 2).

Nice to have:

  • Experience with SIEM tools (e.g., Splunk, ELK) for security monitoring.

  • Knowledge of incident response and risk management frameworks.

Skills

  • Excellent collaboration and communication skills with technical and non-technical people

  • You have a passion for security automation.

  • You’re able to motivate your team, foster collaboration, and give directions

  • You’re enthusiastic about solving complex problems and translating them into modern, elegant and simple solution

  • You like to discuss technical challenges and you’re motivated to push the boundaries of technology

Other information

Please add your complete, recent CV and cover letter for this position to your application. We can't process your application without the above-mentioned documents. Need to know more about applying for a job at ASML? Read our frequently asked questions.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Ansible Automation AWS Bitbucket C CCPA Checkmarx CI/CD Cloud Compliance DAST DevOps DevSecOps Docker ELK GCP Incident response Java Kubernetes Monitoring NIST OWASP Python Risk management SAST SDLC SIEM SOC SOC 2 SonarQube Splunk Terraform Vulnerabilities

Region: Europe
Country: Netherlands

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.