- Perform comprehensive technical security evaluations, including but not limited to hardware and software hacking, testing against embedded systems, and identifying vulnerabilities across various layers of product architecture;
- Analyze vulnerabilities to understand the technical impact and the complexity of exploitation, proposing mitigation strategies to enhance product security;
- Prepare detailed penetration testing reports, effectively communicating findings to both technical and non-technical stakeholders to facilitate informed decision-making.
- A strong Software development background (such as Python, C or C++) and expertise in software and firmware reverse engineering tools such as Ghidra or IDA Pro;
- Preferably, you will have 3 years' experience in pentesting within a multinational corporate security environment. However, we are also open to candidates who are less experienced;
- A Bachelor- or master's degree in computer science, information technology, computer engineering or similar;
- A deep understanding of and reverse engineering techniques at both binary and source code levels.
Senior Penetration Tester - Veldhoven, Nederland - ASML
Beschrijving
Introduction to the job
As a penetration tester you will be responsible for protecting ASML's assets, present at the center of everything that's digitally exchanged.
Role and responsibilities
In this role you conduct penetration tests upon (parts of) the ASML products to test the effectiveness of our current security controls and to check the adherence to the compliance requirements. This role is positioned within the Application Security team, part of Risk & Business Assurance within ASML. Currently a team of 4 people from all across the globe, they are a vital part of the strategy to protect commercially sensitive, proprietary data.
Joining this team, you will be responsible for conducting penetration tests and red team exercises for IT and OT infrastructures, applications and products, as well as engaging in red and purple teaming activities. You will conduct external, internal and wireless network assessments as well as web and mobile application pentests, and pentests for our SCADA/ICS/OT environments, SAP systems, and cloud environments. You will lead the integration of offensive security methodologies within product security assessments, focusing on both hardware and software layers of embedded systems.
In short, your responsibilities will be:
Education and experience
An important part of your job will be connecting and engaging with technical peers and non-technical stakeholders throughout the ASML organization. Your communicative and collaborative skills will be key to ensure that you will be able to build strong relationships and networks across departments. You have an inquisitive and curious mindset, tenacious and passionate about what you do.
As the team is expanding quickly to accommodate increasing responsibilities, you will find ample opportunities to develop and challenge yourself. Ideally, you will bring these competences and skills to the table:
Certifications in penetration testing (such as OSCP, SANS, GREM), expertise in assessing cloud environments for security vulnerabilities, understanding cloud-native security tools, and knowledge of best practices for securing cloud services and infrastructure are highly valued, as is also familiarity with secure development life cycle (SDLC) practices and the ability to integrate security testing into the development process.
Other information
If you don't meet the above mentioned requirements, and you still feel your profile is a great match with this job description, please apply and we'd like to get in touch.
EOE AA M/F/Veteran/Disability
Diversity and inclusion
ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.
Need to know more about applying for a job at ASML? Read our .