Senior IT Analyst, Cybersecurity

We’re not like most. We don’t just overcome obstacles - we don’t see them. Instead, we see the potential in every person, and every situation. We don’t wait for opportunity to appear - we create it. Meet ASM. A company that has been searching for people just like you._

**Who is ASM?**

ASM is a leading, global supplier of semiconductor wafer processing equipment. Our ambitious team is dedicated to delivering innovative technology solutions to the world’s leading semiconductor manufacturers. We have over 2,600 employees based in 14 countries, including Belgium, Japan, Netherlands, South Korea, Singapore, Taiwan and United States. Together we work to develop Epitaxy, ALD, PEALD, Vertical Furnaces and PECVD thin-film deposition technologies for our customers. Our goal is to remain an industry leader by being ahead of what’s next. We accomplish this by focusing on finding collaborative solutions to make integrated circuits, or chips, smaller, faster and even more powerful.

**ASM, an inclusive workplace**

We at ASM are a truly global organization that works diligently with an open-mind in all areas of our business. We strive for a culture and work style that fosters trust and transparency. We put our people first, and that is how we will continue to succeed. We are an equal opportunity employer and value diversity. We recognize and value the differences between individuals, including gender, ethnicity, religious beliefs, sexual orientation, knowledge and experience, work background, age, skills, amongst others. Recruiting and developing a diverse workforce provides a wide range of perspectives. This enables a culture of continuously exploring and adopting new technological ideas and innovations, and it also enables us to deliver excellent products and service to our clients.

**Position summary**:This role is responsible for responding, managing and coordination of end-to-end Security Incident Management Lifecycle: Incident Identification, Triage, Containment, Eradication, Recovery and Lesson Learnt. This role will be the point of contact to drive major Cybersecurity incidents response globally and assist in Cybersecurity operations related matters, including Cybersecurity monitoring, Cyber Forensics, and Threat Intelligence.

**Key Responsibilities**:

- End-to-end ownership in driving and coordinating major Cybersecurity Incident Response and Resolution activities, including communication with upstream and downstream stakeholders (external and internal) to provide appropriate level of detail for awareness and collaboration
- Facilitate investigation by engaging the required technical or business resources to assist in the triage of a major incident. Coordinate efforts to determine an incident's root cause
- Keep records of all events, activities, and actions taken from the incident
- Prepare detailed Incident Post-mortem report and Executive Summary to document the Security Incident chronology, root cause, remediation, corrective/preventive actions, and lesson learnt
- Develop and maintain cyber incident response plan and playbook
- Advise and assist the L1 SOC and L2 SecOps team to sharpen their operational playbooks and procedures, and assist in refining current use cases implemented on the SIEM solution to reduce/minimize false positives
- Plan and conduct annual table-top exercise / cybersecurity recovery drills
- Perform proactive threat analysis from network traffic, user and security logs, and other relevant security data to hunt for potential adversary activity
- Recommend and implement tools to enhance detection, response and recovery functions and security posture. Implement incident response automation where possible
- Conduct analysis related to forensic investigations, cybercrimes, and/or cyberattacks from inside and external threat actors
- Develop methodologies to identify threat adversary tactics, techniques, and procedures
- Bachelor’s degree relevant to Cybersecurity, Information Technology, Computer Science/Engineering
- Experience in of SOC process and enterprise level Security Detection and Prevention technologies e.g., Firewalls, IPS/IDS, Network Packet Analysis and Endpoint log analysis, server log analysis, SIEM, SOAR, Vulnerability Scanning, Threat intel, Anti-Malware, Phishing Prevention, and Endpoint Detection & Response (EDR)
- At least 5 years’ experience in major cybersecurity incidents management and in performing incident response and investigations for an enterprise level environment
- At least one security certification such as GCIH, ECIH, CEH, CHFI, CISSP
- Knowledge of different domains of IT Security cyber kill chain, IOCs, and attack frameworks
- Excellent analytical and problem-solving skills, communication, and documentation skills

Job Req Number: 19816
- From the very start of the semiconductor industry to the present day, we’ve been technology leaders who have pioneered innovation and brought new processes into mainstream manufacturing. We are col