Vulnerability Management Specialist

Introduction to the job

As a vulnerability management specialist, you are responsible for scheduling, detecting, analyzing, reporting and managing the Emergency Patching Process activities within the company’s technology domains.

Role and responsibilities

Do you like to drive structural improvements and work with a wide range of IT disciplines? Are you passionate about security and do you like the challenge of protecting the IT infrastructure and information assets in one of the most technical developed companies in the world? Then we would like to talk to you!

In this position you will apply your analytical, reasoning & specialized technical security expertise to investigate, isolate and track critical security vulnerabilities in a risk-based manner. You will be reporting upon and performing quality assurance on the vulnerability management processes and procedures. You will interact with stakeholders on different levels in ASML IT, but also within ASML sectors. Your key responsibilities:

• Develop and maintain the patch & vulnerability management policies and standards, and support the development of processes, systems and measurements that enable the organization to manage released patches and assure compliance towards the standards.

• Drive and support the Prio Patching process and coordinate the response upon detected (critical) vulnerabilities.

• Manage, monitor and report upon priority / emergency patching process and compliance against ASML’s patch standard.

• Conduct IT security assessments upon IT Services, network infrastructure and applications and report upon findings.

• Align upon proposed next steps with stakeholders and monitor and report upon progress of agreed risk mitigation.

Education and experience

To be successful in this position, it is important that you have hands on experience and expertise in vulnerability management. Vulnerability Management is active in the area of infrastructure, applications, containers, cloud, workplace and API’s (amongst others), so there are different areas to work in depending on your knowledge, experience and interest. The ideal candidate will have:

• A degree in computer science, information technology, computer engineering or equivalent experience Vulnerability Management Specialist.

• 3+ years of experience as a security analyst in Application, Server and Network infrastructure and API’s in a large organization.

• Experience in Executing Threat and Vulnerability Analysis (TVA) and/or IT Security risk assessments on IT services, (web + mobile) applications and network & Cloud infrastructure.

• Knowledge of malware, hacking techniques, cyber threats and security trends.

• Experience in collecting information through research and interviews.

• Experience in convincing and chasing stakeholders in an international environment.

• Excellent English verbal and written communication and presentation skills, command of the Dutch language is a plus.

Skills

You are a team player, self-starting with excellent communication, interpersonal, coordination, and problem-solving skills. You are able to interact with all levels amongst other users, engineers, executives and senior managers. You possess a high level of initiative, accountability, professional diligence and attention to detail as well as:

• Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments.

• Analytical, precise, tenacious, autonomous.

• Capable to digest large amounts of new information quickly, and derive key security vulnerabilities.

• Able to hold your own and defend your position in a flexible / changing and demanding environment.

• Ability to mitigate and overcome organizational resistance.

Other Information

ASML creates the conditions that enable you to realize your full potential. We provide state-of-the-art facilities, opportunities to develop your talents, international career opportunities, a stimulating and inspiring environment, and most of all, the dedication of a company that recognizes and rewards extraordinary performance.

• Valid industry certifications such as the Certified Information Systems Security Professional (CISSP) are a plus.

• Experience in vulnerability management in Workplace, Databases, Cloud & Container environment is a plus.

• Experience in security standards like ISO 27001, NIST-800 or equivalent are a plus.

• Preferable experience and/or knowledge of working with Agile SAFe.

For this role we also are willing to talk to people who have less and/or more experience to learn if there is a potential fit. If you are you interested, please apply with your CV and cover letter, detailing your motivation for this position.

This role is positioned within the Infrastructure Security team within Expertise Security which is part of the Risk & Business Assurance department of ASML Corporate. We at ASML enable groundbreaking technology to solve some of humanity’s toughest challenges. Together with our partners, we provide leading patterning solutions that drive the advancement of microchips.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.