R&D Export Control & Security Risk Lead
Listed on 2026-07-05
-
IT/Tech
Cybersecurity, Information Security
Introduction to the job
Operating in a highly regulated global environment, ASML’s R&D community handles sensitive intellectual property, controlled technologies, and cross-border collaborations.
As the R&D Security & Export Control Risk Manager, you play a critical role in ensuring that information security and export compliance risks remain within ASML’s risk appetite. You will identify, assess, and mitigate risks related to ASML’s R&D information assets, sensitive technologies and data flows—while serving as the primary R&D point of contact for topics intersecting Security Risk Management and Export Control (EAR/ITAR, EU Dual Use).
You will collaborate closely with R&D teams, IT, Legal, Export Control, Customer Support, and various global competence centers to ensure that both security requirements and export control obligations are effectively embedded in R&D processes.
Role and responsibilitiesThis role strengthens ASML’s risk posture by integrating information security and export compliance considerations into R&D operations, architecture, systems, and collaborations. You ensure that R&D activities comply with global export control regulations while maintaining a secure environment for sensitive intellectual property and controlled technology.
You will act as the first point of contact for security risks with an export control dimension, coordinating with the Legal & Compliance Export Control department and R&D leadership as needed.
Primary Focus:
Export Control Risk Management
- Identify and assess export control risks related to R&D activities, technologies, data flows, collaborations, and system usage
- Partner with ASML’s Legal & Compliance Export Control team to interpret EAR, ITAR, and EU Dual Use requirements in the context of R&D workflows
- Support technology classification efforts, ensuring proper handling, access control, and segregation of controlled technologies
- Act as the R&D lead during security or compliance incidents involving export controlled technology; determine R&D impact and coordinate with Legal & Compliance
- Drive and participate in export compliance improvement programs, advising on risk reduction across processes, people, tools, and data
- Contribute to R&D export control capability roadmaps and alignment with Legal, RBA&S, IT, and business lines
- Maintain an integrated R&D export compliance risk overview and report to stakeholders
Core Information Security Responsibilities
- Perform information security risk assessments on new initiatives and projects, including architectural design reviews
- Recommend mitigating controls based on ASML’s security framework and drive implementation with project teams
- Conduct risk assessments or coordinate penetration testing on existing applications or environments
- Ensure compliance with ASML security policies, standards, and controlled technology handling requirements
- Represent R&D in global security initiatives, offering a US centric perspective where relevant
- Support development of security and export control awareness trainings tailored to R&D needs
- Build strong stakeholder networks across R&D, IT, Legal, Risk & Business Assurance, and engineering teams
- Perform other duties as assigned.
- Bachelor’s degree in Information Security, Cybersecurity, International Trade, Law, Engineering, or related field. Master’s preferred.
- Must have 8+ years of proven experience.
- Export compliance experience strongly preferred.
- Experience in AI, Cloud and/or Dev Ops security a plus.
- Ability to translate complex regulatory and security requirements into actionable controls for engineers
- Strong analytical and problem‑solving skills, with the ability to assess both technical and regulatory risks
- Excellent communication and stakeholder‑management skills; able to influence and negotiate with diverse partners
- Results‑driven with strong ownership and independent execution
- Ability to build bridges between R&D, IT, and Legal/Compliance domains
- Continuous learner who stays ahead of security and regulatory developments
- Strategic thinker who can design long‑term improvements while enabling practical short‑term solutions
- This position is located on-site…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).