This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
ASML is the world's leading supplier of photolithography systems for the semiconductor industry, manufacturing machines used for the production of integrated circuits. The company heavily relies on information, making the protection of confidential data critical and requiring continuous improvement. At ASML, the Three Lines of Responsibility model is applied, with security capabilities organized centrally (second line) and security risk management embedded within each sector (first line). To support several sectors in Taiwan, we are looking for a Security Risk Manager to ensure that information security risks remain within the organization's risk appetite.
Job Responsibility
Handle local security incidents
Provide security awareness training
Execute application risk assessments
Support new initiatives through risk scoping
Define security requirements and validate proper implementation
Create visibility into the local risk landscape of supported sectors
Evaluate risks against the organization's risk appetite
Recommend, support, and guide risk owners in implementing mitigation actions
Report to local and central stakeholders
Actively participate in programs, projects, and changes
Support the business during internal and external audits
Requirements
Bachelor's degree in Information Security, Cybersecurity, Computer Science, or a related field
Minimum of 10 years' experience in information security risk management
Relevant certifications such as CISSP, CISM, or CRISC (strongly preferred)
Experience with risk assessment, risk treatment, and control design
Knowledge of information security standards and risk frameworks (e.g., ISO 27001, NIST)
Experience protecting confidential information and intellectual property
Familiarity with identity and access management and secure collaboration practices
Experience working with stakeholders at different organizational levels and in cross-functional teams
Ability to translate policies and procedures into operational activities
Strong communication and influencing skills
Ability to analyze risks and translate them into business impact
Ownership and ability to drive results in a complex environment
Strong relationship-building skills and ability to influence without authority
Strong analytical and problem-solving capabilities
Ability to collaborate effectively across diverse teams
Proactive mindset with a focus on continuous improvement
Strategic thinking and strong risk prioritization skills
Flexibility to adapt to changing priorities and organizational needs
Passion for improving security awareness and maturity
Strong verbal and written communication skills in English
Confidence to speak up when risks, opportunities, or concerns are identified