Introduction ASML – the world’s leading provider of lithography systems for the semiconductor industry – has prioritized to focus on security throughout its IT Infra services landscape. Job Mission As an Infrastructure Security Architect, you design and implement a secure end-to-end infrastructure setup. The IT Infrastructure Security Architect should be hands-on in all aspects of security including implementing security controls and threat protection, managing identity and access managemen…
Requirements:
Education
Bachelor’s/master’s degree in IT, Business Management, Computer Science or Electronics.
Experience
- A minimum of 3 years of experience building and maintaining secure IT Infrastructure Services.
- Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the Non-Functional-Requirements.
- A deep understanding of networking, e.g. IP subnetting, Network Security Groups, routing, Firewall, load balancer, DNS.
- A deep understanding of configuring security policies and securing applications and data.
- Familiarity with capabilities and services for Azure, e.g. Azure Active Directory, Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault.
- Strong skills in scripting and automation, Infrastructure-as-Code (IaC) and using CI/CD concepts.
- Experience with pipeline tooling for automated deployments and applying security controls. Experience with Azure DevOps Pipelines is preferred but also other tools like Jenkins, Bamboo, Buildkite are a pre.
- Experience with infrastructure orchestration (IaC) tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments.
- Experience with configuration management / desired state automation / compliance tools such as Ansible, Inspec, Azure Policy, Google Forseti, Puppet, to configure, monitor and automatically enforce security controls where needed to ensure compliancy.
- Proficient in Linux system design, automation, and operation.
- Understand the concepts of Site Reliability Engineering (SRE) to maximize automation, reduce waste, increase scale and apply systemic thinking is a pre.
- Experience with Google Cloud Platform is a pre.
- Work experience from large, international companies and have dealt with or worked for global service providers.
- Security certifications such as Azure Security Architect Associate or GCP Professional Cloud Security Architect are beneficial. Also industry certifications are considered as beneficial e.g., CISSP, CSSP, CCSK, GIAC, CEH …