Senior Information Security Lead

City: Eindhoven

What could be a better place for you than a heavily R&D-driven market leader in photolithography systems for the semiconductor industry?! This is surely a rhetorical question, so read on and make sure this role is “precisely-engineered” for you!


You will join a company where properly safeguarding intellectual property is critical. Your vital duty will be to manage information security risks within the R&D domain, a truly challenging task in an intellectual property-driven enterprise.


You will be responsible for the Focus Area ‘Assurance’, where you will manage a small team. Attention areas are Cloud (IaaS/PaaS), export compliance, anomaly detection, and generic compliance with identified risk-mitigating controls. Besides team management, you’ll be expected to perform or assist in information security risk assessments and support the R&D Security Risk Management department as a whole.


You will:


  • Manage operations of, and define and implement maturity improvements for, the ‘Assurance’ function;

  • Align with risk (action) owners on risk mitigation of identified and agreed-upon mitigating controls;
  • Continuously monitor compliance with implemented controls;
  • Perform information security risk management activities;
  • Report on risk control compliance;
  • Contribute to the R&D security risk register by maintaining risk control status;
  • Align with other security competencies (IT and Business) within the security community;
  • Contribute to improving risk management means and methods;
  • Advise and align with the organization on security risk management topics including security awareness training;
  • Report to the R&D Sector Security Risk Manager.


You bring:

  • 7+ years of relevant experience in information security risk management;
  • A formal degree in Information Security;
  • One or more valid industry certifications (CISM, CISA, CISSP, CRISC, CCSP);
  • Proven experience with the ISO27001/2 framework;
  • Proven team management skills;
  • Experience in dealing with IaaS and PaaS security risks on Azure and GCP;
  • Knowledge of Identity and Access Management processes;
  • Knowledge of ISO31000;
  • Knowledge of privacy laws and regulations, incl. GDPR;
  • Familiarity with development and engineering processes;
  • Pro-active and self-motivated with a proven ability to drive results;
  • Excellent communication, influencing, and negotiating skills;
  • Ability to translate threats and vulnerabilities into business risk and drive mitigation.


You get:

  • Unparalleled remuneration and fringe benefits package;
  • A chance to work with professionals in a technical and high-end environment;
  • Dynamic environment with opportunities for personal development and growth;
  • Challenges and multidisciplinary projects in a high-tech environment;
  • A rather high level of autonomy;
  • International opportunities.

Yes! Is this your dream job?!