Introduction to the job
As a Cloud Security Architect you will be responsible for the architecture design pertaining to protection of ASML’s information, Intellectual Property (IP) and assets, and that of ASML’s customers and suppliers developed and used within ASML’s Public cloud (IaaS, PaaS). You do this through the design and alignment of ASML Information Security strategies and security standards/ guidelines. You interface with both IT and Business stakeholders, supporting the effective implementation of system, application and access security controls within the cloud.

Role and responsibilities
You will continuously drive secure design and implementation of security controls in ASML’s cloud platforms; Covering people, process and technology level.
In this role you will work very closely with ASML’s Cloud Center of Excellence (CCoE) team. The CCoE develops and operates a global multi-cloud platform using Microsoft Azure and Google Cloud Platform (GCP). The vision of this team is to provide a flexible and reliable cloud platform to enable accelerated and sustainable adoption of cloud across ASML and maximizing the ability to realize its benefits while reducing risks and supporting ASML’s growth.

As a Cloud Security Architect you’ll:

Participate and contribute in Cloud Architecture for cloud security related topics
Create, own and maintain the Cloud Security Architecture deliverables in Cloud Center of Excellence (CCoE), such as our cloud security control framework (CSF).
Provide expertise and leadership in Cloud Security for both infrastructure and applications.
Be the single point of contact for IT security and Information security subjects within the Cloud Center of Excellence (CCoE).
Develop, design and maintain Cloud security standards, guidelines, patterns and procedures to assure effective secured Cloud services and data protection within the IaaS / PaaS domain.
Regularly assess Cloud services and products (people, process, technology) for security updates and report upon findings, conclusions and next steps.
Conduct threat modeling and security risk assessments upon new cloud services to be developed and used within ASML’s public Cloud and propose risk reducing measures.
Build excellent working relationships within ASML’s CCoE members and all cloud service users, including security officers and developers of new cloud services.
Very closely align with Sector Risk manager within Corporate risk regarding Cloud Platform security related topics.
Support ASML Cyber Defense Center (CDC) activities and ensure 7/24/365 response on any major IT security incidents related to ASML’s IAAS / PAAS domain.

Education and experience
At least 3 years of hand-on experience with (public) cloud solutions
At least 3 years of experience in IT Security
Academic qualifications are an advantage, but not a substitute for professional experience; Security/Technical/IT/informatics background bachelor degree (or equivalent experience)
CCSP or comparable Cloud security certification. CISSP/CISM is a plus
Demonstrable experience with Google Architecture Framework, Google Professional Cloud Security Engineer certification
Experience with Azure Security technologies and Azure Security Engineer Associate certification is a plus
(Security) Architecture certification (SABSA SCF or TOGAF) is a plus
Deep Knowledge of current security technologies and governance processes
In-depth working knowledge of IT Risk / security frameworks and best practices, e.g.:
CSC Top 20 Controls
Cloud Security Alliance (CSA)
NIST Cyber Security Framework
ISF Standard of Good Practice for Information Security
NIST SP 800 30 framework
ISO 27001/2 framework

Skills
Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
To thrive in this job, you’ll need the following skills:

You are able to think conceptually about security, can bring overview to problems, can communicate that effectively and can quickly identify key issues to be resolved. This means someone who can create an oversight of what we have, see common denominators, bring structure, and present it clearly to everyone. Next to that you also drive implementation of new of improved capabilities together with the team.

Being able to create abstract diagrams and good visualization skills to translate them into architectural drawings to help convey a message and influence decisions is essential.

The main behaviors and competencies:
-Fluency in English
-Great communication and stakeholder management skills
-Outstanding analytical and conceptual thinking skills
-Strategic planning
-Content Leadership
-Project management
-Result driven

Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.

Other information
The position is based in the Netherlands (Veldhoven). The role has a matrix reporting line:

Part of a DevOps team that builds our cloud platform, reporting directly to the team manager of the CCoE.
Functionally the role reports to the team lead Security Architecture, under the Technology Security Manager within the Technology Security department.
The CCoE adopted an agile way of working. Key elements in this way of working are collaboration, customer focus, continuous improvements and continuous learning.