Head of second line IT security

In this role, you will drive operational excellence across departments by enhancing the maturity of the Second Line of Responsibility (2LoR) (IT) Security function and driving changes according to organizational standards, means, and methods.

Introduction to the job

As Head of Second Line - IT Security you will drive operational excellence across the departments, enhancing the maturity of the Second line of Responsibility (2LoR) (IT) Security organization function and drive changes according to the organization standard means and methods.

Role and responsibilities

In this role you will align security initiatives of the department with ASML's strategic objectives and contribute to ASML's Security Strategy and translate it into tactical plans, roadmap, portfolio and projects. You showcase visionary leadership by having a clear vision that inspires and motivates others, provides a clear sense of purpose and gives direction in a compelling way. You serve as role model and inspire others to achieve their full potential, empowering team members to take ownership of their work and to contribute to the team and department's success.

You are responsible for stakeholder management with the sectors regarding 2LoR (IT) security matters and will develop and/or contribute to policies in collaboration with stakeholders. You foster cross-functional collaboration and partnership in the Security Community at all times, breaking down silos and leveraging diverse perspectives to drive innovation and problem solving.

You drive operational excellence across the departments, maturity of the 2LoR (IT) Security organization function and drive changes according to the organization standard means and methods. You will lead development and execution of an annual plan and set team targets for the department, taking appropriate action where necessary to ensure the achievement of targets within budget and time and manage reports on performance within the department or area of responsibility, through appropriate performance objectives.

You oversee verification of standards and controls (policy) implementation within sector and use the Security governance to drive the ASML Security Strategy and related priorities. In short, you will be responsible for:

• Shaping, implementing and maintaining the 2LoR operating model.
• Oversight and monitoring.
• Compliance assurance.
• (Policy), standard and control development.
• Conducting independent security assessments.
• Providing (people) leadership to the 2LoR team.

Education and experience

• Master’s degree working and thinking level.
• 8+ years of management experience leading a team in a complex, multi-disciplinary and preferably multinational corporate security environment.
• Proven track record in IT security at strategic and tactical level (2LoR).
• Proven experience with information security risk assessments and auditing is preferred.
• Knowledge of security frameworks like ISO 27001, NIST, SANS, ISA / IEC 62443k and Compliance.

Skills

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems. To be successful in this position, it is essential that you:

• Take responsibility and act decisively.
• Show critical sense and manage criticism.
• Have strong stakeholder management skills.
• Can build solid relationships of trust at different levels.
• Have strong organization & delegating skills, driving results.

Other information

Either a GICSP, CISM, CISSP, or CISA certificate is considered as a pre.

A Certificate of Good Conduct “Verklaring Omtrent het Gedrag (VOG)” is required for this position.

The 2LoR (IT) Security is an independent competence team in the CISO organization, with a solution mindset to keep ASML secure by defining and prescribing requirements, through policies, standards and controls. In this role you will provide expert advisory to sectors on a complex area of (IT) security topics and validate adherence to policies & standards, conduct control testing by conducting security control assessments and reporting on control (design) effectiveness. You are responsible for intervening, escalating and supporting sectors with resolution and follow up and maintaining and improving the security control framework.

Be part of the team that ensures ASML’s purpose can continue to be successful by protecting and securing its physical and digital assets.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.