Cryptography & Security Specialist
2 dagen geleden
Job Mission
As a Cryptography and Security Specialist, you will join the Application Security team within the Technology Security Competence Center (TSCC), a segment of the Risk & Business Assurance (R&BA) department. Your primary responsibility will be to analyze security systems for potential vulnerabilities that could be exploited. This role involves identifying weaknesses and advising on the application and strengthening of cryptography. You will also be instrumental in identifying and testing new technologies that could be integrated into the organization's framework.
Your duties will include conducting comprehensive security assessments, primarily focusing on new and existing applications and IT services. Additionally, you will provide assistance and advice on security-related queries in projects, and contribute to driving security enhancements. This role requires regular interaction with stakeholders at various levels within IT and across different sectors of the organization.
This position plays a crucial role in safeguarding the organization’s information, Intellectual Property (IP), and assets, as well as those of their customers and suppliers, within the scope of the proposed solutions. This entails ensuring alignment with the organization's Information Security strategies and compliance with security policies, standards, and guidelines. It may also involve proposing additions and improvements to these standards to enhance overall security.
As a Cryptography and Security Specialist, you will be responsible for:
- Giving advice on which cryptographic tools/products to use and how to embed these in the environment.
- Giving advice on which form of encryption best fits the environment, taking into account different factors, i.e., the classification of the data.
- Keeping your knowledge up-to-date, especially in the cryptographic domain.
- Setting up and monitoring governance and (co-) setting up processes and monitoring of these processes.
- Performing project intake assessments in cooperation with the Project Security Officer.
- Assessing applications and systems to be implemented or actual implementations based on assessments of high- and low-level designs, interviews and/or testing.
- Assessing existing or new IT services (on premise or cloud) on technical vulnerabilities and weaknesses based on ASML process and tooling.
- Translating assessment results into an Information Security Specification (security plan for service).
- Communicating observations to the relevant stakeholders, advising on mitigation and following up on actions.
- Adding information to the different security registers from Business Impact assessments (BIA’s), IT Security Assessments (ITSA’s), penetration/security tests, vulnerability scans, exceptions and other sources.
- Adding information to security finding register, which contains all security assessment findings and risks that are reported within the TSCC, and is used to follow up on security assessment findings.
- Improving and maintaining an Application Security Register, manage and follow-up on actions and register application progress.
- Keeping track of follow-up actions and deliver management reporting.
- Representing, on occasion, the TSCC in IT projects and intake boards where required.
- Assessing IT security exception requests on validity and providing advice to the team lead application security and business stakeholder for acceptance or rejection including advice on additional security controls.
- Improving procedures to keep the security registers, application registers and assessment processes up to date.
- Creation and execution of roadmaps, standards, design patterns and frameworks, specifically on cryptography. Working together with different stakeholders within and outside of ASML e.g., external auditors and Core IT services.
- Creation of cryptography KPI’s, assuring right cryptography within ASML is being used.
- Advising on strategic future developments in cryptography.
- Updating and maintaining security baselines and standards.
- Assisting IT Security risk management.
- Training and coaching DevOps teams on security aspects, standards and security solutions in CI/CD.
RequirementsEducation and experience:
- Bachelor’s or Master’s degree in mathematics in combination with cybersecurity/information security (or equivalent experience).
- Valid industry certifications such as CISSP, CISM and/or CISA are a plus.
- CCSP or equivalent is a plus.
Required Experience:
- Min 6+ years professional experience with a focus on IT applications / information security, risk and compliance.
- Strong mathematical/algorithmic understanding of symmetric and asymmetric cryptography, hash functions, digital signatures etc.
- Experience and good hands on knowledge of PKI and certificate management in complex large enterprise settings, including Business Analysis.
- Experience with tools/products (i.e. Docker) where cryptography is embedded is a plus.
- Experience in executing Threat and Vulnerability Analysis (TVA) or IT Security risk assessments on IT services and applications.
- Experience with a wide range of SAP applications is a plus (no authorization management).
- Experience with Cloud security and 3rd party management.
- Experience in collecting information through research and interviews.
- Good working knowledge of Office suite applications like Excel, SharePoint and Teams.
- Deep Knowledge of current security technologies and governance processes.
- IT audit experience is a plus.
- In-depth working knowledge of IT Risk / security frameworks and best practices, such as: NIST Cyber, security, framework, ISF Standard of Good Practice for Information Security, NIST SP 800 30 framework, ISO 27001/2 framework.
- Knowledge of the Scaled Agile Framework (SAFe) is a plus.
Required Skills:
- Working at the cutting edge of tech, you’ll always have new challenges and new problems to solve – and working together is the only way to do that.
- You won’t work in a silo. Instead, you’ll be part of a creative, dynamic work environment where you’ll collaborate with supportive colleagues.
- There is always space for creative and unique points of view. You’ll have the flexibility and trust to choose how best to tackle tasks and solve problems.
- To thrive in this job, you’ll need the following skills:
- Able to operate independently/with minimal supervision, self-starter.
- Ability to interact with all levels including users, engineers, executives and senior managers.
- Analytical, precise, tenacious, autonomous.
- Knowledge of IT-security, Information Security and Architecture methodology.
- Ability to overcome organizational resistance.
- Excellent organizational skills and the ability to prioritize multiple tasks and assignments.
- Able to manage large amounts of new information quickly; grasp the deep technical characteristics of new environments; draft clear and concise visualizations of complex processes and environments, stand your ground in a flexible / changing environment.
- Enclose a personal motivation from the candidate for this position.
We have several vacancies open and your application keeps you in consideration for this role and other relevant openings in the future.
-
Cryptography & Security Specialist
2 dagen geleden
Eindhoven, Nederland All About Expats VoltijdJob DescriptionOur client, a leader in pioneering technology, is dedicated to solving some of humanity’s most complex challenges. In partnership with key industry players, they offer cutting-edge patterning solutions that are integral to the progression of microchip technology. If you're passionate about incorporating security into processes and...
-
Eindhoven, Nederland TNO VoltijdAbout this position Would you like to contribute to the information security of smart industry? Cryptographic innovations are needed to keep industrial data secure and available in the future. Become a master thesis intern in Groningen or Eindhoven at TNO’s Applied Cryptography and Quantum Algorithms department, where you will conduct your research...
-
R&d Manager for Security Products
2 weken geleden
Eindhoven, Nederland Synopsys Voltijd50113BR - NETHERLANDS - Eindhoven **Job Description and Requirements** - Synopsys is a worldwide leading supplier of semiconductor IP used by our customers to build SOCs (Systems-On-Chip). The product portfolio includes IP components and subsystems for Security, USB, DDR, CPU cores, processor peripherals, embedded memories, and many others. - Security IP...
-
Security Specialist
3 maanden geleden
Eindhoven, Nederland Pitt IT Professionals VoltijdJe werkplek Wil jij deel uitmaken van een dynamisch team dat vooroploopt in informatiebeveiliging? Onze opdrachtgever is op zoek naar een gedreven Security Specialist om de ICT-organisatie te versterken. Als Security Specialist ben je verantwoordelijk voor het ontwikkelen, beheren en adviseren op het gebied van informatiebeveiliging (IB). Je gaat...
-
Security Specialist
4 weken geleden
Eindhoven, Nederland Pitt IT Professionals VoltijdJe werkplek Wil jij deel uitmaken van een dynamisch team dat vooroploopt in informatiebeveiliging? Onze opdrachtgever is op zoek naar een gedreven Security Specialist om de ICT-organisatie te versterken. Als Security Specialist ben je verantwoordelijk voor het ontwikkelen, beheren en adviseren op het gebied van informatiebeveiliging (IB). Je gaat...
-
Security Specialist
1 week geleden
Eindhoven, Noord-Brabant, Nederland Pitt IT Professionals VoltijdJe werkplek Wil jij deel uitmaken van een dynamisch team dat vooroploopt in informatiebeveiliging? Onze opdrachtgever is op zoek naar een gedreven Security Specialist om de ICT-organisatie te versterken. Als Security Specialist ben je verantwoordelijk voor het ontwikkelen, beheren en adviseren op het gebied van informatiebeveiliging (IB). Je gaat werken...
-
Graduate digital IC design engineer
2 maanden geleden
Eindhoven, Nederland IC Resources VoltijdGraduate / intern level Hardware / Digital design position available in the world on semiconductor security IP. Salary, bonus, RSUs given. Plus visa sponsorship is available - dependent on degree studies and relevance of skills. Requirements:Bachelors / Masters / PHD in Electronics, micro-electronics or similar physics related fieldUnderstanding of /...
-
Graduate digital IC design engineer
1 week geleden
Eindhoven, Noord-Brabant, Nederland IC Resources VoltijdGraduate / intern level Hardware / Digital design position available in the world on semiconductor security IP. Salary, bonus, RSUs given. Plus visa sponsorship is available - dependent on degree studies and relevance of skills. Requirements:Bachelors / Masters / PHD in Electronics, micro-electronics or similar physics related fieldUnderstanding of /...
-
Graduate digital IC design engineer
4 weken geleden
Eindhoven, Nederland IC Resources VoltijdGraduate / intern level Hardware / Digital design position available in the world on semiconductor security IP. Salary, bonus, RSUs given. Plus visa sponsorship is available - dependent on degree studies and relevance of skills. Requirements:Bachelors / Masters / PHD in Electronics, micro-electronics or similar physics related fieldUnderstanding of /...
-
Staff Software Engineer
1 dag geleden
Eindhoven, Nederland Fortanix VoltijdAbout Fortanix: In today's world, where data spreads across various clouds and devices, traditional security measures aren't enough. Businesses need a dynamic approach to defend against constant cyber threats and ensure agile data security. Fortanix leads the way in data-centric cybersecurity for hybrid multicloud environments, using advanced...
-
Eindhoven, Nederland Eindhoven University of Technology VoltijdJob description We have an opening for an Assistant Professor in Verification of Cryptographic implementations. We are looking for an enthusiastic colleague to strengthen our team and complement our research and teaching activities. We conduct research in many applied as well as theoretical areas of cryptology. Our team is especially known for our...
-
Eindhoven, Noord-Brabant, Nederland Eindhoven University of Technology VoltijdJob description We have an opening for an Assistant Professor in Verification of Cryptographic implementations. We are looking for an enthusiastic colleague to strengthen our team and complement our research and teaching activities. We conduct research in many applied as well as theoretical areas of cryptology. Our team is especially known for our...
-
Eindhoven, Nederland Eindhoven University of Technology VoltijdJob description We have an opening for an Assistant Professor in Verification of Cryptographic implementations. We are looking for an enthusiastic colleague to strengthen our team and complement our research and teaching activities. We conduct research in many applied as well as theoretical areas of cryptology. Our team is especially known for our...
-
Information Security Officer
1 week geleden
Eindhoven, Noord-Brabant, Nederland Sioux Technologies VoltijdAt Sioux, everything is about solving the complete puzzle. And we cannot do that without you, a motivated Information Security Officer. Sioux develops and produces state-of-the-art technology for the top of the international high-tech community. We set high standards and regularly make the impossible possible. We do this together, within a close-knit...
-
Senior Security Consultant
3 maanden geleden
Eindhoven, Nederland NEXXT VoltijdMicrosoft Security Consultant In de functie van Medior Security Consultant ben je bezig met het implementeren van veilige en effectieve securityoplossingen. Je bent bekend met het werken in/met Entra ID, PAM en Defender of Sentinel. Kennis en ervaring in hybride omgevingen is een pré. Als Medior Security Consultant zul je een sleutelrol spelen in het...
-
SAP Lead Security Engineer
1 week geleden
Eindhoven, Noord-Brabant, Nederland Luxoft VoltijdProject descriptionAs an SAP Security & Authorizations Specialist what you'll be doing:The SAP Security & Authorizations Specialist gathers business information and translates requirements/processes into IT Solutions, which will support and optimize the business in its daily operations. In this challenging specialist role you deliver, implement, and maintain...
-
SAP Lead Security Engineer
2 weken geleden
Eindhoven, Nederland Luxoft VoltijdProject descriptionAs an SAP Security & Authorizations Specialist what you'll be doing: The SAP Security & Authorizations Specialist gathers business information and translates requirements/processes into IT Solutions, which will support and optimize the business in its daily operations. In this challenging specialist role you deliver, implement, and...
-
SAP Lead Security Engineer
4 dagen geleden
Eindhoven, Nederland Luxoft VoltijdProject descriptionAs an SAP Security & Authorizations Specialist what you'll be doing: The SAP Security & Authorizations Specialist gathers business information and translates requirements/processes into IT Solutions, which will support and optimize the business in its daily operations. In this challenging specialist role you deliver, implement, and...
-
SAP Lead Security Engineer
2 weken geleden
Eindhoven, Noord-Brabant, Nederland Luxoft VoltijdProject descriptionAs an SAP Security & Authorizations Specialist what you'll be doing:The SAP Security & Authorizations Specialist gathers business information and translates requirements/processes into IT Solutions, which will support and optimize the business in its daily operations. In this challenging specialist role you deliver, implement, and maintain...
-
Senior Security Consultant
2 maanden geleden
Eindhoven, Noord-Brabant, Nederland NEXXT VoltijdMicrosoft Security ConsultantIn de functie van Medior Security Consultant ben je bezig met het implementeren van veilige en effectieve securityoplossingen. Je bent bekend met het werken in/met Entra ID, PAM en Defender of Sentinel. Kennis en ervaring in hybride omgevingen is een pré.Als Medior Security Consultant zul je een sleutelrol spelen in het leveren...
