Corporate Risk Expert
Veldhoven, Netherlands, Europe

Perform intakes on new programs, projects and changes, determine the information security impact and provide relevant security requirements. Where relevant, liaise with the Privacy Office on privacy-related topics and with Compliance on other regulatory requirements. Depending on the risk and nature of the project, you provide guidance and advice to realize ‘security by design’, and finally you validate requirements prior to Go-Live. You define remaining risks, validate them with business stakeholders and recommend mitigations, register those and follow up on progress. Support the structured assessment of key applications and processes, applying ISO27001/2 and ASML policies and standards. Execute/support risk assessments as well as defining and implementing improvements for services where you have assigned responsibility within the Corporate sector. Align with other sectors, stakeholders and clients to ensure an appropriate level of control across the Corporate landscape. Focus on business usage aspects, like Access Control, Communication Security, Incident Management, Supplier Relationship, Training & Awareness, Asset Management, Business Continuity Management, Operations Security and System Acquisition, Dev & Maintenance.