Introduction to the job

As a security solution architect your mission is to design the security mechanisms (processes, information and technology) that help ASML Security to manage security risks and protect ASML’s assets. The Security Technology team is a centralized team responsible for developing and operating the platform and services of the Security Operations Center and security Risk management.

Role and responsibilities

Based on the security roadmap, you develop solutions to improve the effectiveness of the security capabilities delivered by the centralized Security organization. In this role you contribute to innovation and developing best-in-class security capabilities to improve ASML Security Posture.

As a security solution architect, you will be responsible for:

Reviewing security technologies, tools and services, and make recommendations for improvements to the broader security team for their use, based on security, financial and operational metrics.

Driving the process from analysis of requirements and target metrics from stakeholders in the Security and Risk Management organization, to the design and alignment on proposed solution.

Creating solution designs covering the process, operating model, information, access, application and infrastructural aspects of the solution, to create end-to-end solution designs.

Following developments in the market for security solutions, and identifying the threats and opportunities for ASML’s security posture.

Working closely with the IT delivery organization to define solutions that are compatible with IT target architecture and strategies, or to influence those when there is a gap.

Liaising with Enterprise Architecture and Organizational Architectural Boards to validate solutions, document and effectively communicate design decisions in a central architecture repository.

Building excellent working relationships with the project team members and all project stakeholders, including security risk officers and IT Operational staff including (security) architects.

Providing clear guidelines for the use/scope of (partially) overlapping security solutions so they do not leave a gap or introduce ambiguity.

Conducting or facilitating threat modelling of services and applications that tie to the risk and data associated with the service or application.

Education and experience

Bachelor or Master's degree in computer science, information systems, information management, cybersecurity, or a related field. Any of the following certifications are a plus: CISSP, TOGAF, SANS’ GIAC, SABSA (SCF). Courses or certifications in SAFE Agile way of working are a plus as well.

For this role we are looking for someone with 4 – 7 years of work experience in working in IT security across several IT domains in a large international organization. To perform the role successfully a solid understanding of an IT environment and its business needs is required, along with the security expertise to assess and mitigate the (domain specific) security risks with secure designs. The ideal candidate needs to be looking for an opportunity to become an architect and to broaden their view on how security helps to improve/enable the business.

You must be able to demonstrate:

Strong conceptual knowledge of, and experience in cyber security, and working in or for an international security operations team or cybersecurity incident response team.

Excellent understanding of security operations and tooling to support its processes.

Full-stack knowledge of IT infrastructure on all technology layers and ITIL processes.

Hands on experience with reviewing security architecture & ability to provide expert feedback.

Experience designing the deployment of applications and infrastructure into on premise and cloud services.

Estimating and planning architecture activities, and managing own workload.

Experience in both the people & processes side of security as well as technology security capabilities.

Skills

You are able to think conceptually about security, can bring overview to problems, can communicate that effectively and can quickly identify key issues to be resolved. You can create an oversight of what we have, see common denominators, bring structure and present it in a way that is clear to everyone.

You are able to create abstract diagrams with your good visualization skills in order to translate them into architectural drawings.

It is important to have good communication skills as you will be in contact with different teams and stakeholders. You need to be comfortable presenting your findings and advising on best course of action to senior stakeholders, architecture peers and management.

You are familiar/have experience with the following regulations, standards and frameworks: 

ISO 27001 and 27002

NIST Cybersecurity Framework (CSF) 

General Data Protection Regulation (GDPR) 

MITRE D3FEND

CIS control framework

ISO 31000 

Other information

Experience with modeling solutions using the ArchiMate language and tooling like ARIS is preferred.

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Diversity and inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.