GRC Intake specialist

Introduction to the job

As an Risk Intake Analyst, your mission is to ensure that new intake requests are complete, timely and accurately processed, reviewed and challenged (where appropriate), to ensure that ASML’s expertise areas, such as Security and Compliance, are timely involved in changes.

Role and responsibilities

ASML’s Risk & Business Assurance (RBA) department is supporting ASML business to achieve its objectives by providing state-of-art expertise, insights and assurance in the area of Corporate Risk Management, Internal control, Compliance and Security. As part of the RBA center of excellence office we are driving the ‘Risk Scoping process’ (known as a Governance, Risk and Compliance [GRC] process) for each change initiative/project within ASML by executing a business impact assessment.

In this role you ensure that new Risk Scoping intake requests are complete, timely and accurately processed, reviewed and challenged (where appropriate), to ensure that ASML’s expertise areas, such as Security and Compliance, are timely involved in changes and provide precise security and compliance requirements to the change initiative assessed.

You play a central role in managing these business impact assessments to ensure that all the right stakeholders from GRC perspective are timely involved to validate and provide (security, legal and compliance) requirements.  You perform in-depth analysis and checks on the change initiative/project including to provide a complete overview of risks on asset level. In this role you will also be the pioneer of system and process improvement for Integrated Risk Management process that includes effort to streamline the resource planning, workload management practices, and engage relevant stakeholders to collaborate further on the improvement efforts.

• Perform active stakeholdermanagement; engaging with stakeholders, giving clear guidance, advice and support where necessary for the business.

• Perform in-depth analysis of the Risk Scoping submission and ensure that the Risk Scoping request are completed and registered in the Risk Portal.

• Ensure the correct performance of Risk Scoping assessments and safeguarding and improving the process, including the risk scoping tools.

• Schedule and facilitate Risk Scoping meetings to ensure alignment amongst stakeholders and documentation of agreement points.

• Revert the conclusion of the Risk Scoping process back to Stakeholders (Project Leads).

• Provide support, training and reporting.

Education and experience

To be successful in this role, the ideal candidate will have:

• Minimal Bachelor’s degree level education in a relevant field such as law, Risk Management, Internal Audit, IT Audit, Information Systems and Operations Management or similar.

• Minimum 4 years of relevant work experience in one of the following areas: Legal, Information Security, Compliance, Governance and/or Risk Management.

• High-level knowledge/ familiarity of complex technology, business processes and supportive assets.

• High-level knowledge of Change Management (CM) and Identity and Access Management (IAM) processes.

• High-level knowledge of development processes, CI/CD, Agile.

• Familiarity with Operational Technology and manufacturing processes.

Skills

To thrive in this position, you need to have a broad interest in security, law & regulations, cybersecurity and Gen AI and have the willingness to broaden your knowledge both on business (understanding law and regulations) and technical (understand working of lithographic equipment) matters. Working at the cutting edge of technology, you’ll always have new challenges and new problems to solve. Working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic complex work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.

• Able to develop connections, build stakeholder relationships and collaborate at all levels of the organization.

• Able to understand the relations between complex technical assets, related processes and potential risks.

• Good social and effective communication skills, making complex topics simple and transparent.

• Overcoming barriers for change and engages others to take action.

• Combining clear, critical thinking with decisiveness.

• Proactive / hands-on attitude, able to work independently and as part of a team.

• Attention to detail and apply a high standard of accuracy in delivering the activities.

Other information

• Being familiar with global industry accepted standards (ISO/ NIS2, CRA, SOx, Countries Export Control) knowledge on OT security standards, AI security standards/ COBIT is a plus.

• Understanding on basic ServiceNow use is a plus.

• Relevant certifications, e.g. CRISC, CISA is a plus.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.