Security Risk Manager in Manufacturing
Your working environment
Your tasks
In order to be at the top of our game in all matters relating to security and risk management, we want to strengthen our ability to protect the intellectual property of ASML, our customers and our suppliers and to prevent business disruption in Berlin. To achieve this we established this exciting new position.
- identify and provide advice on strategic and tactical security risks.
- act as security expert in the areas of i.e. ICS security, access control, incident management, training & awareness, asset management, business continuity management, operations security and system acquisition, development & maintenance.
- support and drive the implementation of security capabilities and governance.
- collaborate and align with senior management in the factory to manage security risks in line with risk appetite as well as act as sounding board to the management.
- drive mitigation of risks, propose mitigating controls in accordance with sector risk appetite and drive implementation and use.
- prepare and execute security assessments on applications or business processes understanding threat sources and vulnerabilities while using ISO27001, NIS2 and the ASML policies and standards as baseline.
- formulate, assess and maintain the security risks in the risk register, prepare periodic reports and help to get a clear oversight on the status of current security controls for the site.
- align with our global security risk management team, competences within the headquarter, local and global IT, local privacy officer, local compliance, and others.
Your qualifications
- Master's degree or equivalent combination of education and experience (e.g. in a technical area, business administration, industrial engineering).
- In possession of valid industry certifications (CISM, CISSP, CRISC).
- Several years of relevant experience in information security, IT audit and/or doing security assessments.
- Experience in complex, international working environments with a manufacturing focus, either directly or in a consulting role.
- Knowledge of and experience with security standards and frameworks, especially ISO27001, IEC62443 and ISO31000 risk management framework, NIS2 and company policies and standards.
- Knowledge in the IT security domain, in OT / ICS security initiatives and environment as well as in mitigating measures using a combination of IT and non-IT controls.
- Fluent in German and English.
Your skills
- Able to communicate, convince and inspire, explain findings and associated risks such that impact is clear and ownership is taken.
- Able to build connections across the whole organization and to create and maintain a trusted network.
- Able to give direction, plan and prioritize.
- Natural drive to understand how activities are really executed on the floor, to be able to identify security risks and propose mitigations in a way that makes it relevant and understandable for stakeholders at different levels.
- Pragmatic, pro-active, hands-on mentality.
- Motivated by realizing goals rather than personal acknowledgement and a proven ability to drive results.
- Flexible to work in a fast growing and changing organization.
Further information
- Job with bright future prospects at the leader of innovation in the semiconductor industry in Berlin Neukölln
- Flexible working hours and the option of working remotely from anywhere
- Reimbursement of moving expenses for you and your family
- Specific advanced training and development opportunities
- Access to organized childcare and vacation care
- Health and sports offers (e.g. subsidy for sports activities, health days, company doctor, free vaccinations, etc.)
- Travel allowance for BVG company ticket or bicycle