Country Security Lead US

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Assurance or related field.
• Minimum of 10 years Information Security experience.
• Minimum of 5 years’ IT working experience.
• Enterprise Security risk expertise: Strong understanding of risk frameworks, strategic security risk mgt, policy management, and business continuity management.
• Security Risk mitigation & advisory: Ability to identify, assess, manage and monitor security risk mitigation strategies at a country level.
• Business acumen: Deep understanding of ASML business context, priorities, processes, and dependencies in US or related to US.
• Security leadership: Strong knowledge and leadership in Security Risk and Compliance, including regulatory requirements, governance, security control (frameworks) and risk management.
• Stakeholder management: Ability to engage, influence, and advise key stakeholders in the business.
• Strategic thinking: Anticipate future security risks and opportunities, translating them into effective strategies.
• Collaborate: Proven ability to build strong relationships, establish and foster interactions across levels and across teams, working closely with business leaders and risk owners to ensure security risk management is an integrated function.
• Inspire: Proven ability to set a compelling security vision, motivate teams into actions, and act as a role model for all people leaders.
• Ensure accountabilit y: Act with a clear sense of ownership and ensures risk accountabilities are clear, accepted, and acted upon.
• Communicate effectively : Ensure transparency in risk reporting, effectively communicating risk insights to senior leadership.
• Valid industry certifications such as the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), , Certified Cloud Security Professional (CCSP), etc.
• Experience with multiple frameworks (e.g. ISO 27001, NIST).
• Knowledge on country specific laws and regulations related to information security.
• Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision.
• Able to engage with Senior Leadership in US.
• Ability to build strong, trusting relationships with technical and non-technical user base.
• Experience in driving security awareness programs and fostering a strong risk culture.
• Ability to create, review, and enforce security policies and standards across diverse business units.
• Skilled in developing and overseeing country-specific incident response plans and coordinating with SOC teams.
• Ability to define and implement security strategies aligned with organizational goals and risk appetite.
• Proven ability to communicate effectively and influence senior leadership and cross-functional teams.

Nice To Haves

• Master's degree preferred.

Responsibilities

• responsible for running the US security organization, driving the development and delivery of second line security services in US
• Challenge and verify the adequate performance of security controls in US, against ASML and US risk appetite and as executed by the first line of responsibility in the sectors in US
• Define and execute the central security strategy as determined by the CISO and adding country specific aspects to it to improve security maturity.
• Collaboration with the 1st line sector SRMs to identify, assess and mitigate security risks, overseeing and reporting via the US Virtual Security Team (VST).
• Identify improvement opportunities of 1st line sector SRMs’ processes and activities and provides necessary support for improvements.
• overseeing the development of country specific response plans, assuring the timely and thorough handling of security indents under coordination of the central Security Operations Centre
• ensuring adherence to centrally determined or country specific laws and regulations related to information security.
• (virtually) leading the team of security managers in US, and assure the capabilities as required by the central Second Line Security, Intelligence Fusion Centre and Security Operations Center teams are developed and maintained, as well as organizing Security activities related to risk culture and awareness initiatives
• Providing regular updates, in alignment with the local first line sector Security Risk Managers van the VST, to senior management in US on the status of information security in US and the central information security program.
• Partner with the RBA&S Cultural and Transformation team to meet in-country awareness training objectives.
• Other duties as assigned.

Benefits

• The Company offers employees and their families, medical, dental, vision, and basic life insurance.
• Employees are able to participate in the Company’s 401k plan.
• Employees will also receive eight (8) hours of vacation leave every month and (13) paid holidays throughout the calendar year.