The mission of the Security department at ASML is to enable the company to control the protection of its information and assets, as well as those of its customers and suppliers, by applying risk-based efficient measures to people, processes, and technology. We support business goals by embedding security within the DNA of its people, processes, and technologies. ASML’s security team acts as a critical support function, providing risk-based programs, services, and systems to protect employees, knowledge, assets, and the company's reputation. This team is one of multi-expert context and skilled professionals, demanding high standards of skillset making sure we deliver on par for ASML as well nurturing a healthy and safe working environment to strive for the best.
As a Security Manager Compliance, you will play an integral role in advancing the rollout of third-party certification for ASML’s Information Security Management System (ISMS) based on ISO 27001 and NIST standards. The position calls for an individual ready to take their career to the next level by driving third-party certification of ASML’s ISMS. Key responsibilities include:
Leading the creation of plans or roadmaps for different roll-outs of third-party certification for ASML's ISMS.
Managing the organization of the roll-out: collecting demand, setting the scope, contracting external certification bodies, planning and preparing security audits with the organization.
Following through on audit findings and ensuring they are resolved
Managing and updating ISMS documentation and maintaining support tools for the management system.
Communicating internally with stakeholders about certification
Delivering training and workshops to stakeholders.
Cooperating with stakeholders and specialists from other management systems (ISO 9001 and ISO 14001).
For this position, we are looking for someone with strong stakeholder management and communication skills, with the ability to align diverse perspectives.
The ideal candidate will have an IT security background with experience auditing information systems or information management. You should be eager to become an expert in ISO 27001 and NIST CSF certification for ASML’s ISMS through collaboration with global stakeholders and business processes.
The role is crucial as security compliance becomes increasingly important, contributing to certification efforts and supporting compliance-related activities in general.
A master’s degree in cybersecurity, computer science, information systems, information management, IT audit, or another relevant field is required.
Prior experience assessing information security-related controls and/or requirements in business processes or applications, such as ISO 27001 auditing.
Experience with and strong knowledge of ISO 27001 and NIST CSF.
Understanding of control environments, such as the linkage between risks, control objectives, and controls.
Sound knowledge of information security controls in various domains, such as access control, encryption, and networks.
Demonstrated diplomacy skills, with the ability to handle complex discussions and maintain constructive relationships.
Knowledge of Business Process Management frameworks, IT Management frameworks, e.g., ITIL, familiarity with audit frameworks like COBIT.
The role requires a combination of expertise and project management abilities, as the expert will be responsible for all aspects of rolling out ISO 27001 and NIST certification.
The following certifications are considered a plus: CISM, CISSP, CISA, CIA, SANS GIAC, NIST CSF implementer; ISO 27K Lead Auditor/Implementer.
Nice to have skills/experience:
Experience with Agile methodologies.
Experience with Service Now (governance).
Familiarity with the NIST Cybersecurity Framework (CSF).
Understanding of the General Data Protection Regulation (GDPR).
Relevant experience within the semiconductor sector.
A Certificate of Good Conduct “Verklaring Omtrent het Gedrag (VOG)” is required for this position.
The position is based in Veldhoven, Netherlands. The employee reports to the Manager of Security Risk, Policies & Compliance within the Security Strategy, Risk, and Architecture competence center. This is a full-time (40 hours per week) position, with 3 days in office presence.
If you are interested in this position, please apply online with a CV and cover letter. For more information about working at ASML and the application process, visit the company’s website and frequently asked questions page.
This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that inclusion and diversity is a driving force in the success of our company.
Need to know more about applying for a job at ASML? Read our frequently asked questions
Who are we?
ASML is an innovation leader in the global semiconductor industry. We make machines that chipmakers use to mass produce microchips. Founded in 1984 in the Netherlands with just a handful of employees, we’ve now grown to over 40,000 employees, 143 nationalities and more than 60 locations around the world.
What do we do?
We provide chipmakers with hardware, software and services to mass produce patterns on silicon through lithography. Our lithography systems use ultraviolet light to create billions of tiny structures on silicon that together make up a microchip. We push our technology to new limits to enable our customers to create smaller, faster and more powerful chips.
Who are our people?
While you may think that only engineers and mathematicians work at ASML, you'll be surprised to find out that our people come from a wide variety of backgrounds. Across ASML, we have dedicated teams that manage customer support, communications and media, IT, software development and more. Every team in the company is essential for pushing our technology and the industry forward.
If you love to tackle challenges and innovate in a collaborative, supportive and inclusive environment with all the flexibility and freedom to unleash your full potential, ASML is the place to be.
Join us!
