Big Data Security Specialist(Hightech) industrie Senior Noord-Brabant
Big Data Security Specialist you are part of the Application Security team
within the Technology Security Competence Center (TSCC) which is part of the
Risk & Business Assurance (R&BA) department.
You will be responsible for conducting detailed and in-depth security assessments both new and existing data-centric applications within ASML, assist and advice (big)data-related projects on security related questions and help drive the security improvements. You will be interacting with stakeholders on different levels. In this role you will also be participating in PI events and as a Subject Matter Expert (SME) involved in the Agile Release Trains (ARTs).
Wat verwachten we van jou?
- Min 6+ years professional experience with a focus on IT applications / information security, risk and compliance;
- Experience in executing Threat and Vulnerability Analysis (TVA) or IT Security risk assessments on IT services and data-centric applications;
- Securing data-centric or analytical platforms and applications.
- Securing data ingestion and processing pipelines (on premise, hybrid or cloud);
- Knowledge and/or hands-on experience with common (big) data environments and languages, such as Data Lakes, Big Data Storage and Computing, Hadoop, Spark, Python, Analytics Reporting Tooling;
- Security on a wide range of SAP (HANA) applications is a plus in this role;
- Experience with Scaled Agile Framework (SAFe) is a plus;
- Experience with (Cloud) Security Architecture is a plus;
- One or more of the following valid certifications is a plus: CISA, CISSP, CCSP, ISO27001/27002, CKS, CDP/CDE, Azure or Google Security.
Wat kun jij verwachten?
- A great job at one of our leading clients
- A good salary, career opportunities and excellent fringe benefits
- At Trinamics you get nice extras: discount on your health insurance and referral premiums, activities (for example football tournament, Christmas drinks etc.)
Performing project intake assessments in cooperation with the Project
Assessing applications and systems to be implemented or actual implementations based on assessments of high and low level designs, interviews and/or testing;
Assessing existing or new IT services (on premise or cloud) on technical vulnerabilities and weaknesses based on ASML process and tooling;
Translating assessment results into an Information Security Specification (security plan for service);
Communicating observations to the relevant stakeholders, advice on mitigation and follow up on actions;
Adding information to the different security registers from Business Impact assessments (BIA’s), IT Security Assessments (ITSA’s), penetration/security tests, vulnerability scans, exceptions and other sources;
Adding information to security finding register, which contains all security assessment findings and risks that are reported within the TSCC, and is used to follow up on security assessment findings;
Assuring and monitoring the effectiveness of our application security controls;
Keeping track of follow up actions and deliver management reporting;
Representing, on occasion, the TSCC in IT projects and intake boards where required;
Assessing IT security exception requests on validity and provide advice to the team lead application security and business stakeholder for acceptance or rejection including advice on additional security controls;
Improving procedures to keep the security registers, application registers and assessment processes up to date;
Giving advice on security improvements and additional controls;
Updating and maintaining security baselines and standards;
Training and coaching DevOps teams on security aspects, standards and security solutions in CI/CD.