What could be a better place for you than a heavily R&D driven market leader of photolithography systems for the semiconductor industry?! This is for sure a rhetorical question, thus read the rest and make sure this role is “precisely-engineered” for you!
You will join the company where it is critical to properly safeguard intellectual property, therefore it will be your vital duty to assure the business develops their products within the company’s cyber and information security risk appetite by developing, maintaining, and improving cross-product reference architecture in alignment with the company’s risk appetite, product security risk management framework, and business needs.
- Take responsibility for development, maintenance, and improvement of the crossproduct security reference architecture and of product security design patterns and integration of these in business/product development processes;
- Align of cross-product security reference architecture with product security risk management framework;
- Execute product security control and risk assessments and drive mitigation in product development processes;
- Register product security risks and exceptions in respective R&D registers;
- Execute and coordinate product security incident and exception management processes;
- Prove your capability to design and to support in the design of solution architecture including technical and operational aspects for product security services;
- Support business line programs, product architects, and engineers in solution architecture, design, and implementation of security requirements in products and services;
- Provide and contribute to security awareness training for specialized topics;
- Contribute to the development of product security policies, standards, benchmarks, and guidelines;
- Contribute to the development of product security means and methods;
- Contribute to the maturity of the product security technical competence;
- Remain oversight, manage dependencies and integration aspects, and assure crossproduct security architecture is consistent across product security services.
- 10+ years of relevant experience in IT security, OT security, and information security risk management accompanied by a formal degree;
- Proven strong IT and software architecture knowledge and background;
- Proven experience with risk management frameworks such as ISO 27001;
- Proven up-to-date experience with vulnerability scanning and/ or penetration testing;
- Generic security certifications like CISSP, and CISM;
- Specialized security architecture certifications like TOGAF9, SABSA, CISSP-ISSAP, and GDSA.
- Skill to lead, influence, and negotiate without authority;
- A business-enabling security attitude in opposite to a business disabling one;
- Ability to translate risks, threats, and vulnerabilities to business stakeholder level and to drive risk mitigation, dealing with resistance and risk appetite;
- Drive to retrieve the root cause of the problem.
- Unparalleled remuneration and fringe benefits package;
- A chance to work with professionals in a technical and high-end environment;
- Dynamic environment with opportunities for personal development and growth;
- Challenges and multidisciplinary projects in high-tech environment;
- A rather high level of autonomy;
- International opportunities.