Job Mission

The IT Network and ICS Security Specialist is responsible to set-up and maintain security policies, standards and hardening guidelines for Network, infrastructure and Industrial Control Systems (ICS) / SCADA network. The IT Network and ICS Security Specialist will assess current protection level of the network, infrastructure and Industrial Control Systems and the compliance of these assets towards ASML policies, standards and applicable legislation. The IT Network and ICS Security Specialist will support projects, assess the effectiveness of the security of the network, infrastructure and ICS environment, and will, together with involved stakeholders, determine a solution strategy for detected security problems upon this scope. Where applicable (s)he support investigations / forensics activities upon the network and ICS environment.

• Focus will be on protection and security of :
  • Network devices such as (not limited to): routers, switches, firewalls, DHCP and DNS.
  • Network and Datacenters (e.g. network access, network and DC segmentation).
  • The Industrial Control systems and the applicable infrastructure
• Support and conduct audits, pentests and computer forensics upon the above scope.

Job Description

• Set-up IT security standards applicable for network, datacenter, IoT and Scada / ICS and support the translation of these standards towards operational controls.
• Responsible to assure that security and assurance requirements are effectively covered within Network , datacenter, infrastructure and ICS policies, standards and guidelines.
• Verify effectively implementation by ASML IT organization of IT security standards and security controls related to the scope of the function.
• Responsible to advice on security improvements, roadmaps and additional controls on network, infrastructure, datacenter and ICS/ SCADA network based upon audit results, incidents and other lessons learned.
• Define, align and support security roadmap for network, infrastructure and ICS / SCADA network.

Requested Skills

• More than 10 years’ experience with management and security of :
  • network devices (e.g. routers, switches, load balancers, DNS, DHCP)
  •  DataCenter (DC) security.
• More than 5 years’ experience with security of ICS / SCADA network, protocols and devices.
• More than 5 years’ experience with conducting pentests and forensic investigation related to network,  network devices and ICS systems.
• Familiar with future developments within the area of network security, data center security and ICS / SCADA security. E.g. Software Defined Networks, Micro-Segmentation.

Education

• Relevant CISCO Certifications (at least CCNP Security)
• Relevant SCADA / ICS certificates (e.g. GICSP,CSSA, Industrial Security professional)

Deep technical knowledge of:  

• Network Security and network devices (e.g. routers, protocols, switches, DNS, DHCP)
• SCADA / ICS network and devices
• Datacenter infrastructure and related security topics (e.g. segmentation).

Familiar with industry security best practices / framework such as:

• Relevant ISO standards (e.g. ISO 27001, ISO22301)
• ISA99/IEC 62443 framework
• Datacenter Standards (e.g. TIER)
• NIST
• CSA
• SANS Top 20

Able to set-up IT security standards / guidelines used by IT Organisation

Personal skills

• Analytical, precise, tenacious, autonomous
• Familiar with local laws and legislation, Sarbanes Oxley
• Ability to interact with all levels including executives and senior managers
• Strong interpersonal, presentation, analytical and statistical sampling skills
• Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments
• Exceptional written and verbal communication skills are required
• Flexibility to travel 

Other interesting information

The IT division supports information management, infrastructure and key business processes across ASML. The ICT infrastructure, hardware and applications are absolutely mission-critical for almost all ASML’s internal and external activities.

Start date: Directly            

End date: 30 June 2017    

Location: Veldhoven