返回查询:Country Security / 上海

KEY PURPOSE OF ROLE
The
Country Security Lead (CSL)
for ASML China acts as the local representative of the ASML CISO and protects and secures ASML's Intellectual property, digital assets and technologies in China, in line with ASML's Security strategy. The CSL for China develops and implements comprehensive security roadmaps for China, in close alignment with the local sector 1st line Security Risk Managers and the central 2nd line security team, to protect sensitive data against cyber and physical threats and ensures compliance with relevant regulations.

ASML manages 1st line security via the sectors which creates a challenge on country level where multiple sectors can be represented. To manage security from a country point of view with local security risk managers reporting into the central sector SRM's, ASML set up a Virtual Security Team (VST) to bring all relevant (security) representatives together in one virtual team to manage jointly security for China.

The CSL forms and drives the
Virtual Security Team
(VST)
in China, consisting of China's first and second line security representatives and other relevant stakeholders, to improve the level of security maturity in China and report progress to the country's Management Team.

KEY RESPONSIBILITIES

  • {​{b}}Overall{​{/b}}: responsible for managing the China security organization on behalf of the CISO of ASML, driving the development and delivery of security services in China. Challenge and verify the adequate performance of security controls in China, against ASML and China risk appetite and as executed by the first line of responsibility in the sectors in Chin
  • a.{​{b}}Strategy{​{/b}}: execute the central security strategy as determined by the CISO and adding country specific aspects to it to improve security matur
  • ity.{​{b}}Risk management{​{/b}}: Collaboration with the 1st line sector SRMs to identify, assess and mitigate security risks, overseeing and reporting via the China Virtual Security Team (VST). Identify improvement opportunities together with the 1st line sector SRMs' and the 2nd line team in terms of processes and activities. The CSL provides necessary support for improvements and will act in a pivotal role to bring (security) teams together where
  • needed{​{b}}Incident response{​{/b}}: overseeing the development of country specific response plans, assuring the timely and thorough handling of security indents under coordination of the central Security Operation
  • s Centre{​{b}}Compliance oversight{​{/b}}: ensuring adherence to centrally determined or country specific laws and regulations related to information
  • security.{​{b}}Team leadership & capability building{​{/b}}: act on behalf of the CISO of ASML and work closely together with the 1st line country SRM's to define and execute a joined security roadmap for China. Assure the capabilities as required by the central Second Line Security, Intelligence Fusion Centre and Security Operations Center teams are developed and maintained, as well as organizing Security activities related to risk culture and awareness initiatives. Will drive the preparation of a uniform reporting out to the China Country Management Team and align with the CISO and the VST team the agenda for the
  • se meetings.{​{b}}Stakeholder engagement{​{/b}}: Providing regular updates, in alignment with the local first line sector Security Risk Managers of the VST, to senior management in China on the status of information security in China and the central information security program. Considering the given governance, this will always be in alignment with the respective
  • 1st line SRM.{​{b}}Providing the general{​{/b}}{​{b}} security{​{/b}}{​{b}} training to all {​{/b}}{​{b}}C{​{/b}}{​{b}}hina staff{​{/b}}{​{b}} to improve their {
  • ​{/b}}{​{b}}awareness{​{/b}}Some travel will be required to other ASML offices in

China, and abroad (+/- 1

  • 5%)KEY WORKING RELATIONSHIPS{​{b}}External: {​{/b}} Security Vendors, Customers, Suppliers, (always in alignment with local account management and procurement tea
  • ms, Industry Peers and Forums){​{b}}Internal: {​{/b}}ASML China IT, local ASML Sector Security Func

tions, RBA&S, Legal,
SectorsSKILLS AND QUALIFICATIONSEssential Skills &am

  • p; Experience (key competencies)Minimum of 10 years (
  • Information) Security experienceMinimum of 8 years e
  • xperience with physical securityMinimum o
  • f 5 years IT working experience.Able to engage
  • with Senior Leadership in ChinaAbility to build strong, trusting relationships with techni
  • cal and non-technical user base;Highly-motivated, with a strong work ethic and able to work effec
  • tively under minimal supervisionExcellent verbal and written communication
  • skills in English and Mandarin

Excellent multi-ta

  • sking skills.Skills - Functional{​{b}}Enterprise Security risk expertise: {​{/b}}Strong understanding of risk frameworks, strategic security risk mgt, policy management, an
  • d business continuity management. {​{b}}Security Risk mitigation & advisory: {​{/b}}Ability to identify, assess, manage and monitor security risk mitigation strat
  • egies at a country level{​{b}} {​{/b}}{​{b}}Business acumen: {​{/b}}Deep understanding of ASML business context, priorities, processes, and dependencies
  • {​{b}} {​{/b}}in China or related to China{​{b}}Security leadership: {​{/b}}Strong knowledge and leadership in Security Risk and Compliance, including regulatory requirements, governance, security control
  • (frameworks) and risk management{​{b}} {​{/b}}{​{b}}Stakeholder management: {​{/b}}Ability to engage, influence, and adv
  • ise key stakeholders in the business{​{b}} {​{/b}}{​{b}}Strategic thinking: {​{/b}}Anticipate future security risks and opport

unities, translatin

  • g them into effective strategies Skills - Behavioral{​{b}}Collaborate{​{/b}} – proven ability to build strong relationships, establish and foster interactions across levels and across teams, working closely with business leaders and risk owners to ens
  • ure security risk management is an integrated function{​{b}}Inspire: {​{/b}}Proven ability to set a compelling security vision, motivate teams into
  • actions, and act as a role model for all people leaders {​{b}}Ensure accountabilit{​{/b}}y: Act with a clear sense of ownership and ensures
  • risk accountabilities are clear, accepted and acted upon {​{b}}Communicate effectively{​{/b}}: Ensure transparency in risk reporting,

effectively communicating risk i

  • nsights to senior leadershipCertifications and/or MembershipMaster's deg
  • ree in Information Science/Security or equivalent experienceValid industry certifications such as the Certified Information Systems Security Professional (CISSP), Certified Information Security Manager
  • (CISM), , Certified Cloud Security Professional (CCSP), etc.Experience with multiple frameworks (e.g. ISO 27001, NIST)Knowledge on country sp

ecific laws and regulat
ions related to information security.Diversity and inclusionASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and

inclusion is a driving force in the success of our company.Need to know more about applying for a job at ASML? Read our frequently asked questions.

去原网站上申请