Team Lead – Security Incident Response Team

As Security incident response team lead, you will take a leadership role within the Security Incident Response Team (SIRT). Your primary focus will be on leading a team of security analysts and play a key role in shaping ASML’s security posture.

Role and Responsibilities
The Security Incident Response Team (SIRT) operates within the Security Operations Center (SOC) to detect and mitigate security threats in real time. As a SIRT Team Lead, you will be responsible for people management, operational security monitoring and security improvements. You will manage team(s) performance during daily operations and provide process and technical guidance to team members across the board. You coordinate staffing and resource allocation of team members across end-to-end SIRT operations and collaborate with Service Delivery Management for specialist track capacity management and empower end- to-end process execution. The team of security analysts consists of diverse areas of expertise security incident response (Cyber, IT, OT, DLP, Physical), threat hunting, and driving strategic security improvements. You will play a key role in mentoring security analysts and shaping the organization’s security posture. The main focus points of the role of SIRT team lead:

• Develop & grow your team members to support wider ranges of security incidents and become more valuable and well-rounded security analysts.
• Identify and implement process level improvements in the team and strengthen the collaboration across ASML together with the rest of the leadership team.
• Ensure high quality analysis, documentation and resolution on all security incidents managed in your team aligned with a common documentation way of working across the ASML Security incident management workflow.

Education and experience
This position requires deep tactical, people management expertise, with a balanced technical knowledge, strong analytical skills, and the ability to understand complex security investigations and lead security improvements. The ideal candidate will have:

• Strong team development & coaching focus.
• Strong stakeholder management and build solid relationships of trust at different levels.
• 8+ years of management experience, preferably in a multinational corporate security environment.
• Proven experience with security monitoring & incident response activities.
• Broad experience in multiple security domains (e.g., IT, Information, Operational Technology (OT) or Physical Security.
• Master’s degree working and thinking level.
• CISM, CISSP, or SANS GSOC/GSOM certificate is a must.

Skills
• Expertise in Security Monitoring, Analysis, Containment and Remediation.
• Strong Leadership & Mentorship Capabilities.
• Expertise leading Cultural and Agile transformation.

Other Information

• The role may involve shift work or on-call duties to provide 24/7 security coverage.
• This position is primarily office-based, with the possibility of remote work.
• It is preferred if you possess a valid work permit for the Netherlands.