25 days ago - req12157
Security Manager North East Asia
Other job categories
In a nutshell
Other job categories
KEY PURPOSE OF ROLE
The Country Security Officer (RSO) for ASML China will be responsible for all aspects of Security within the ASML PRC China’s s twelve offices and 1,000 Users. The RSO will be the primary contact for Country Executives, Operations, Customers, Suppliers, Legal, and Facilities regarding all forms of security, assessing and addressing country security risks, and the communication and implementation of all global security initiatives and their impact within the region. The RSO will also be responsible for Security Awareness training and the operationalization of the Knowledge Protection Program champions within the region. This is a role that finely combines operational and managerial responsibilities in one.
The RSO will represent the region in all global Security initiatives to help shape a truly global Security Risk process that will work within the region as well as in main office.
KEY RESPONSIBILITIES (THE CORE ACTIVITIES, OUTPUTS EXPECTED OF THE ROLE, REGULATORY & LEGAL REQUIREMENTS)
• Provides seamless coordination between the China region, ASML sectors and ASML Sector Security Risk Managers on security matters:
o Support Pan-ASML security risks addressed by central programs (in IT, D&E, SS&P, Ops) with local execution.
o RSO executes local programs addressing Country risks, using the centrally set policy. The center may support in terms of means and methods, leveraging expertise into the region.
• Drives the management of Country security risks concerning the Confidentiality, Integrity and Availability to agreed levels
• Ensures compliance with internal security policies and external industry standards, legal obligations, industry regulations and customer requirements – in relation to security.
• The RSO shall be accountable for the:
o In-region people, processes, networks, systems, websites and products are compliant with the ASML processes and Security Polices.
o Compliance to the Informational and Physical Security Policies are enforced across all key sites in the region.
o The Security Strategy is adequately addressed, with status reports and metrics as per the Security Control Dashboard.
o A pan-ASML security awareness culture is implemented through the Knowledge Protection Champion Network.
o The RSO ensures Country Customer’s IP is protected at ASML and that ASML’s is protected at the Country Customers.
o The RSO ensures Country Suppliers comply with ASML Supplier Security requirements and protect ASML IP.
o The RSO ensures Country buildings comply with ASML Physical Security Standard and requirements as first line of defence for protecting ASML people, IP and assets.
• In addition, the RSO shall:
o Be the lead on Information Security issues across the China region, assessing and mitigating risks thereby ensuring that ASML fulfils its Corporate and Social responsibility to provide a secure environment.
o Execute the ASML Security strategy in the region to meet business needs and corporate requirements providing professional advice on Information Security risk management.
o Ensure that ASML Security policies, procedures and guidelines are applied consistently and in accordance with in-country legislation, mitigating liabilities in close collaboration with local Legal personnel.
o Maintain a security management framework to protect Information assets and information within the region.
o Build excellent working relationships with ASML people and partners championing security risk management across the country/region.
o Perform risk assessments when required and provide ASML Security risk related input to the ASML Country Risk Register.
o To ensure Information Security investigations are coordinated and remedial action plans put in place following security breaches and failures, identified through audits/crime reports and other sources within the country/region.
o To provide compliance monitoring and report on the country/Country security policy compliance levels. Where compliance needs improvement, implement programs to improve compliance levels and ensure risks are properly mitigated.
Line management responsibility for the Country Security Managers in the region.
Some travel will be required to other ASML offices in the country, and abroad (+/- 20%)
KEY WORKING RELATIONSHIPS
External: Security Vendors, Customers, Suppliers, Industry Peers and Forums
Internal: ASML China IT, ASML Security Functions, CRA, Security Committee members
SKILLS AND QUALIFICATIONS
Essential Skills & Experience (key competencies)
• Minimum of 5 years Information Security experience. • Minimum of 10 years IT working experience. • Able to engage Senior Leadership to translate Information Security Risk into actionable Business concepts • Ability to build strong, trusting relationships with customers, suppliers, technical and non-technical user base; • Extensive experience in planning innovative strategic security improvement programs;
• Independent Achiever working in remote conditions and time zones • Able to influence geographic separated peers • Excellent leadership, influencing and interpersonal skills • Solid project management experience • Able to summarize and communicate technical data to a non-technical audience • Sound understanding of security technologies, techniques and best practices • Ability to build strong, trusting relationships with customers and suppliers; • Excellent analytical skills • Excellent verbal and written communication skills • Highly-motivated, with a strong work ethic and able to work effectively under minimal supervision
Certifications and/or Membership
• Master’s degree in Information Science/Security or equivalent experience • Valid industry certifications such as the Certified Information Systems Security Professional (CISSP), CISM, CRSK, CCSP, etc. • Experience multiple frameworks (ISO 27001, NIST, CIS20)