Introduction to the job
We are seeking for a colleague who is an security expert within the Server domain and who is able to interact with senior management level, but also with engineers upon security within the Server domain. Will you join us to assure an adequate level of protection is maintained for ASML’s worldwide network and 40.000+ connected assets? We would like to welcome you to join us upon our security journey.

As Security specialist Servers you will be responsible to set-up and maintain security policies, standards and hardening guidelines for Servers and their used OS’ s, including Virtual environments (VM’s). This for existing technology but also for new technology introduced in the scope of this function.
The ASML employee current fulfilling this job has found another job internal ASML. We are seeking a temporary fulfillment of this job. I the next months this job will be transferred to IT as part of a new IT security Organisation.

Role and responsibilities
As Security specialist Servers you will assess current protection level of the network connected Servers (hardware, OS’s and their configuration) and the compliance towards ASML policies and legal obligation (e.g. SOX). As Security Specialist Servers you will support workplace management, ESP’s , projects, Agile teams and other initiated activities to assure an adequate protection level of the servers connected to ASML infrastructure. The Security Specialist Servers security will monitor and report upon compliance and will coordinate and support root cause analysis related to server security incidents and other detected noncompliance situations. Where applicable (s)he support investigations / computer forensics activities and support pen tests upon servers and their OS level.

Focus will be on security of :
-Physical Servers and their OS’s and relevant server features
-Virtual Machines and their OS’s and relevant server features
-Hypervisors and relevant server features
-Assess and report upon the current state of compliance and risk level
-Support Pen tests and computer forensics where applicable
(the core activities, outputs expected of the role, regulatory & legal requirements)
-Responsible to assure that Security, BCM and legal requirements are effectively covered within System / OS security policies and standards and followed by projects and 3rd parties / service providers.
-Responsible to advice on security improvements and (additional) security controls on Servers, VM’s and their OS ‘s based upon and related to new technology developments, audit results, incidents, risk assessments and other lessons learned.
-Initiate, prepare, execute and report upon security assessment (e.g. verifications, checks, tests, audits) within your domain
-Support pen tests upon (parts of) ASML’s infrastructure and support / coordinate computer forensics.
-Monitor and report upon compliance and protection level of Servers including risks.
-Initiate, monitor and report upon appropriate corrective actions to mitigate the detected non-compliance situation.
-Support other team members within the Technology Security team.

Education and experience

EXPERIENCE
-More than 5-10 years’ experience with management and security of servers and OS’s (e.g. Windows, Linux/Unix / VM), (Must)
-Experience with supporting and conducting (automated) security assessments, pentests and forensic investigation related to Servers and their OS’s/ features is a pre.
-Experience with security and the Life Cycle Management stages of a servers and it’s OS.(Must)
-Experience with automated compliance verification of Servers (On premise and in the cloud) (Must)
-Experience with Agile / SAFe framework is a pre
-Having a security certificate (e.g. CISSP, CISA) or any other relevant security certificate is a preference. (Must)

KNOWLEDGE AND EDUCATION

Education
-Having up-to-date and latest certificates related to Microsoft Servers, Linux and other server OS’s is a must
-Relevant Microsoft Certifications
-Relevant UNIX / LINUX certifications
-Cloud technology (Azure, WBS, Google)
Deep technical knowledge of:
-Hardware of servers)
-Operation Systems (OS) (e.g. Windows / UNIX / Linux / VMware….)
-OS related software such as: anti-virus, Host IPS (HIPS), EDR.
Knowledge and experience with assessing, monitoring and reporting upon compliance
-KPI definition and reporting upon KPI’’s
-Perform structured and controlled security assessments to determine the effectiveness of implemented protection mechanism and security controls;
-Documentation and presentation of results, conclusions and proposals;
Familiar with industry security best practices / framework such as:
-CIS Standards
-ISO 27001
-COBIT/ ITIL
-SANS Top 20
-NIST standards
-Other relevant industry standards

Skills
Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that. You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues. There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.

To thrive in this job, you’ll need the following skills:
-Analytical, precise, tenacious, autonomous
-Familiar with local laws and legislation incl. Sarbanes Oxley
-Ability to interact with all levels including executives and senior managers
-Strong interpersonal, presentation, analytical and statistical sampling skills
-Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
-Exceptional written and verbal communication in skills Dutch and English are required
-Flexibility to travel 10% (depends on location)
- Residence in EU countries or Netherlands (Dutch or Non Dutch) with valid Visa/Work Permit.

Diversity & Inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.