Expert Security Analyst – Incident Coordinator – Security Incident Response Team

Introduction to the Job

As an Expert Security Analyst – Incident Coordinator, you will take a leadership role within the Security Incident Response Team (SIRT). Your primary focus will be on high/critical-level security incident response (Cyber, IT, OT, DLP, Physical) and driving strategic security improvements. You will also play a key role in mentoring analysts and shaping the organization’s security posture.

This position requires deep technical expertise, strong analytical skills, and the ability to lead complex security investigations and security improvements.

Role and Responsibilities

The Security Incident Response Team (SIRT) operates within the Security Operations Center (SOC) to detect and mitigate security threats in real time. As an Expert Security Analyst, you will be responsible for both operational security monitoring and security improvements.

• Security Monitoring – Actively monitor security alerts for malicious activity or anomalies, ensuring swift response.

• Incident Handling – Lead investigations into high-profile, complex, or advanced persistent threats (APTs).

• Threat Hunting – Proactively search for hidden threats and improve detection capabilities.

• Incident Analysis – Correlate data across multiple sources to detect sophisticated attack patterns.

• Detection & Response Optimization – Develop advanced detection techniques and security automation strategies.

• Technology Leadership – Act as an SME for SecOps tools and threat domains.

• Mentorship & Training – Provide guidance and mentorship to analysts at all levels.

Education and experience

We seek an experienced security expert with a strategic mindset and a proven ability to handle complex security challenges. The ideal candidate will have:

• Bachelor’s or Master’s in Computer Science, Cybersecurity, or related field.

• 7+ years experience in advanced cybersecurity roles.

• Experience working with stakeholders in a complex organization.

• Proven record of influencing upper management towards security best practices.

• Expertise in Security Monitoring, Log Analysis, and Threat Hunting.

• Deep knowledge of a wide range of domains such as Endpoint, Network, OT, Information and Cloud Security.

• Certifications – CISSP, GCIH, GCFA, CISM preferred.

Skills

• Strong Leadership & Mentorship Capabilities.

• Extensive knowledge in stakeholder management.

Other Information

• The role may involve shift work or on-call duties to provide 24/7 security coverage.

• This position is primarily office-based, with the possibility of remote work.

• It is preferred if you possess a valid work permit for the Netherlands.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.