Security control & compliance specialist

Introduction to the job

The Security Control & Compliance specialist is responsible for maintaining the Security control framework that protects our organization, while meeting regulatory and industry standards. You ensure that the control framework is reflecting ASML’s risk appetite and helps the company to effectively and efficiently deal with security risks. Furthermore, you will manage and coordinate the lifecycle of controls, drive effective control design and automation. You validate this by ensuring that adequate monitoring capabilities are realized. Together with our Data Analytics & Reporting team, you design and implement effective management reporting and dashboarding capabilities. You flag deviations, escalate to senior management where needed and own and drive the resolution process to completion.

Role and responsibilities

As a Security control & compliance specialist, you perform regular compliance assessments to ensure adherence to security standards and policies. You contribute to efforts to continuously improve the security control framework, incorporating automation where possible. You develop clear metrics and KPIs and KRIs to measure control effectiveness and report to stakeholders. Next to this you will also:

• Prepare/review control self-assessment questions and control testing scripts for control monitoring;

• Coordinate 1st line control self-assessments and 2nd line control testing activities and unsure those are conducted according to control monitoring plan;

• Follow-up findings and action plans to closure and validate completeness.

• Ensure control designs are effective by defining clear, measurable control objectives;

• Validate operational effectiveness by continuous monitoring and testing;

• Stay updated on emerging cybersecurity requirements and adjust the control framework accordingly;

• Develop strong relations with all levels of the organization, including peers across IT, legal, compliance, internal audit, security and ASML’s sectors.

​

In this role you are positioned in the 2nd line Security organization in the Risk & Business Assurance (R&BA) department of ASML Corporate.

Education and experience

• Bachelor's or master's degree in a relevant discipline, e.g., Business Administration, Information technology, Cybersecurity, Internal Auditing, IT management;

• Minimum of 5+ years professional experience with a focus on security, IT auditing/control testing, Information Security Management Systems (ISMS);

• Knowledge of IT processes and security requirements;

• (Preferred) Relevant certifications such as CISSP, CISM or CISA;

• Experience with defining and running an internal (security) control framework;

• Deep knowledge of current security technologies, current and future developments for SAP, in-depth working knowledge of IT Risk/security frameworks and best practices, such as NIST Cyber security framework, ISF Standard of Good Practice for Information Security, IEC 62443, NIST SP 800 30 framework, ISO 27001/2 framework.

Skills

• You have excellent influencing and interpersonal skills, being able to further develop Security Risk and control management within ASML by building trusting and long-term relationships.

• You are tenacious and possess the ability to overcome organizational resistance, as well as the ability to interact across all levels of the organization.

• You are a self-starter, able to operate autonomously with little guidance.

• Last but not least, you are comfortable in starting up several initiatives at the same time without losing the overview and bigger picture.

Other information

Unlocking the potential of people and society by pushing technology to new limits, that is what ASML stands for. Be part of the team that ensures ASML’s purpose can continue to be successful by protecting and securing its physical and digital assets. Join our beyond best in class security team.

Digitalization is all about data, and data must be trusted for ASML to be successful and deliver top notch technical solutions in the semiconductor industry. ASML’s Security department is therefore seen as pivotal for the success and sustainable growth of ASML. Not only the number of employees, but also its ever-expanding supplier and customer base are demanding beyond best-in-class security. This dynamic and challenging environment requires beyond best-in-class security professionals.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.