- Execute the daily operational 2nd line analysis of potential security incidents until successful remediation and closure
- Ensure quality documentation of the cases handled by the CSIRT for audit and process improvement purposes
- Improve the skillsets of team members through coaching, reviewing and knowledge transfer to structurally improve team effectiveness
- Participate in the continuous development of plays in the Cyber Security Playbook to structurally improve 1st line SOC effectiveness
- Improve upon the management reporting and execute the weekly, monthly and quarterly management reporting cycles
- Identify impediments to team growth and suggest solution directions to senior management
- Create and execute, based on a gap assessment, a plan to deliver improved, intelligence-driven detection/response capabilities

ASML is a successful Dutch high-tech enterprise that produces complex lithography systems used by chip manufacturers in the production of integrated circuits. ASML is at the cutting edge of this technology and delivers systems to all the world’s leading chip manufacturers. ASML’s employees are among the most creative talents in the fields of physics, mathematics, chemistry, mechanical engineering and software. Every day they collaborate in close-knit multidisciplinary teams in which members listen to and learn from one another and exchange ideas. It is the ideal environment for professional development and personal growth.
ASML is headquartered in Veldhoven, the Netherlands.
The Cyber Defence Operations team consists of a 1st line SOC team and a 2nd line Cyber Security Incident Response team. The senior CSIRT team member will function as a coach in the team, utilizing his/her broad experience in the field of security incident response to further mature the operations. The role is a temporary extension to the team; its prime purpose is to strengthen the team in the short term with immediate expertise as well as to ensure lasting effects beyond the term of the assignment.

- Min 8-10+ years of professional experience in information security incident detection & response in either an enterprise or MSSP environment
- Deep understanding of attack techniques and detection technologies
- Broad system, application and network related knowledge
- Sound understanding of security technologies, techniques and best practices
- Ability to build strong, trusting relationships
- Excellent analytical skills
- Able to summarize and communicate technical data to a non-technical audience
- Excellent English communication and presentation skills. Command of the Dutch language is a plus.
- Excellent verbal and written communication skills
- Highly motivated, with a strong work ethic and able to work effectively under minimal supervision
- Academic qualifications are an advantage, but not a substitute for professional experience
- Valid industry certifications such as the Certified Information Systems Security Professional (CISSP), or CISM, GCFA, GCNFA, GPEN, OSCP.
- You are in possession of a valid work permit for the Netherlands
- Excellent interpersonal skills
- Good teaching & coaching skills
- Solid priority management skills
- Ability to think through complex problems, determine proper analytical processes and procedures, independently derive conclusions and present results to management
- Team player
- Ability to easily switch between Operational, Tactical and Strategic levels