Senior Manager ICS/OT Security

External Job Description

The Senior Manager OT/ICS Security holds a key position in our RBA (Risk & Business Assurance) Expertise Security sector, having a strong sense of OT/ICS related capability building and managerial experience, whilst embedding our OT/ICS strategy in our organization.

Introduction to the job 

As the Senior Manager OT/ICS Security you work together with a team of security professionals and the ASML Sector Security Representatives to drive the OT/ICS capability and verify the controls performance in the OT/ICS domain across ASML. You will act in close corporation with RBA’s Sector Facing teams (i.e. for Corporate Real Estate).

In this role you support secure design, development and maintenance of ASML’s operational technologies and industrial control systems by ensuring OT Security capabilities are defined, implemented and monitored. Excellent communication and cooperation skills are essential for this role.

Role and responsibilities

The role has 3 main focus points:

• Determine our OT/ICS security risk control strategy, building blocks and design patterns of our internal control framework. To be designed with your (to be) OT/ICS security team;
• Implement and embed our OT/ICS security standards and policies throughout our sectors. Building bridges with your (internal and where needed external) business stakeholders is key to achieve success in implementing our policies and standards;
• (Further) building our central OT/ICS security team and pro-actively enable knowledge management. You will hold management responsibilities over a small team involving an Architect, Install Base Engineers and BPA’s.

Our RBA sector counts approx. 300 FTE amongst different sub-sectors. Working within the Security Expertise sub-sector means working with professionals across the world involving first line of defense up to C-level professionals. Having a strong background in the core functions for OT/ICS security (such as Industrial Control Systems, SCADA, Industrial IoT, Network, Server& End Point security, OT/ICS network architecture, etc.), you are holding a key position in further developing our OT/ICS capabilities across ASML.

Education and experience

Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems. Some key competences that come natural to you in this position:

• Take responsibility and act decisively;
• Strong stakeholder management and build solid relationships of trust at different levels;
• Lead projects to results.

Ideally we are looking for someone who brings a strong technical background whilst also having acted in management positions, having a keen sense of how to manage internal- and external stakeholders whilst managing a team at the same time. Summarized:

• 8+ years of management experience, preferably in a multinational corporate security environment;
• Proven experience with control systems risk assessments;
• Knowledge of security frameworks like ISO 27001, NIST, SANS, ISA / IEC 62443k and Compliance;
• Master’s degree working and thinking level.

Diversity & Inclusion

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information

• Knowledge of project management (Prince2 / PMBoK/ APMP / MSP).
• You are in possession of a valid work permit for The Netherlands.
• Either a GICSP, CISM, CISSP, or CISA certificate: considered as a must.

If you don’t meet the above mentioned requirements, and you still feel your profile is a great match with  this job description, please consider application and explain us the considerations.