Cybersecurity Vendor Risk Manager

We’re not like most. We don’t just overcome obstacles - we don’t see them. Instead, we see the potential in every person, and every situation. We don’t wait for opportunity to appear - we create it. Meet ASM. A company that has been searching for people just like you._

**Who is ASM?**

ASM is a leading, global supplier of semiconductor wafer processing equipment. Our ambitious team is dedicated to delivering innovative technology solutions to the world’s leading semiconductor manufacturers. We have over 2,600 employees based in 14 countries, including Belgium, Japan, Netherlands, South Korea, Singapore, Taiwan and United States. Together we work to develop Epitaxy, ALD, PEALD, Vertical Furnaces and PECVD thin-film deposition technologies for our customers. Our goal is to remain an industry leader by being ahead of what’s next. We accomplish this by focusing on finding collaborative solutions to make integrated circuits, or chips, smaller, faster and even more powerful.

**ASM, an inclusive workplace**

We at ASM are a truly global organization that works diligently with an open-mind in all areas of our business. We strive for a culture and work style that fosters trust and transparency. We put our people first, and that is how we will continue to succeed. We are an equal opportunity employer and value diversity. We recognize and value the differences between individuals, including gender, ethnicity, religious beliefs, sexual orientation, knowledge and experience, work background, age, skills, amongst others. Recruiting and developing a diverse workforce provides a wide range of perspectives. This enables a culture of continuously exploring and adopting new technological ideas and innovations, and it also enables us to deliver excellent products and service to our clients.

**Key Responsibilities**:

- Acts as trusted advisor to senior leadership to set strategy for the Cybersecurity Vendor Risk Management program
- Provides strong leadership, develops and sets individual and team goals, acts as a change agent and leader and creates growth opportunities for all team members
- Ensures efficacy and quality of all processes in scope
- Establish contractual supplier agreements for any vendor that may access, process, store, communicate or provide IT infrastructure to an organization’s data.
- Perform initial and periodic risk assessments, and other necessary reviews, to identify, measure and manage cybersecurity vendor risks based on company standards and risk appetite, leveraging demonstrated working knowledge of industry security practices
- Develop cybersecurity compliance processes and/or audits for external services (e.g., cloud service providers, data centers)
- Manage changes to the supplier services, considering re-assessment of risks.
- Implement and maintain cybersecurity vendor risks processes for onboarding and oversight of all new and existing third-party vendor relationships
- Identifies and drives innovation and process improvements
- **At least 10 years of overall IT experience**:

- **At Least 5 years of Cybersecurity Vendor Risk experience**:

- **At Least 5 years of People Management experience**:

- Experience in the manufacturing industries is advantageous
- At least one relevant industry certification, including CISM, CRISC, CISA, CISSP, CCSP
- Broad knowledge of businesses, functions and security control environment on Vendor Risk Management experience
- Working knowledge of industry risk management frameworks, methodologies and best practices
- Strong presentation and communication skills.
- Ability to collaborate effectively with IT, Privacy, Legal and other business partners to define and achieve objectives

**Technical Skills & Knowledge**:

- Skills including being analytical with attention to detail and long periods of focused attention and sitting, ability to prioritize, troubleshooting
- Ability to perform effective cybersecurity vendor risk assessments and the ability to respond to risk assessment in a timely manner
- Strong written skills to produce security feedback on contracts that are easy to understand for each defined audience
- Industry standards and regulatory requirements such as ISO27K, GDPR, COSO, ISO27036, Trade Compliance
- Ability to direct and lead cross-functional, cross-vendor teams.

Job Req ID: 19005
- From the very start of the semiconductor industry to the present day, we’ve been technology leaders who have pioneered innovation and brought new processes into mainstream manufacturing. We are collaborating, creating, and delivering on our vision - a shared vision to drive innovation with new technologies and delivering excellence with dependable products. By doing this, we’ll create new possibilities for everyone to understand, create and share more of what they love._

**Be part of our exciting future and join our team today