Compliance & Assurance Officer

Introduction to the job

As a Compliance & Assurance Officer within the Policy, Compliance & Assurance (PCA) team, you play a key role in safeguarding ASML’s ability to innovate responsibly and compliantly. You ensure that security, compliance and information‑management requirements within your domain are not only defined, but demonstrably effective, measurable and auditable across the R&D landscape.

You contribute directly to the PCA mission to be the head and the tail of security for our department’s solutions: shaping policies, standards and controls up‑front, and providing evidence‑based assurance at the back‑end. By shaping policies, standards and controls with assurance in mind, and by independently verifying their effectiveness, you strengthen ASML’s risk posture and license to operate.

Your work enables R&D teams to move fast while meeting internal, contractual and regulatory obligations.

Role and responsibilities

In this role, you are end‑to‑end responsible for assurance within a specific competence domain (e.g. Export Control, Cyber Security, Data Protection). You translate business and regulatory objectives into control objectives, lead assurance activities, drive continuous improvement based on risk and evidence, and ensure transparent compliance insight for leadership.

You operate as a trusted partner to the business, working closely with capability owners, control owners, risk teams and internal audit, while maintaining independent judgment. While you do not operate controls yourself, you shape how controls are designed, monitored and assessed.

Your main responsibilities include:

• Own and execute the assurance plan of your domain as part of the overall PCA planning cycle.
• Translate policies, standards, agreements and external obligations into clear control objectives.
• Lead assurance engagements within your domain, including continuous monitoring, assessments and control deep‑dives.
• Shape and maintain and domain‑specific content within the R&D Control Framework and Control Assurance Register.
• Define and monitor domain‑specific KPIs and KRIs, assessing control effectiveness and enabling data‑driven decision-making.
• Provide transparent compliance and assurance reporting to R&D leadership and executive stakeholders, aligned to business outcomes
• Identify structural risks and control weaknesses, and actively drive timely remediation together with control owners and risk teams.
• Periodically review policy exceptions and waivers to improve policies, standards, agreements, control design and risk appetite
• Support internal and external audits by providing domain expertise, evidence and assurance narratives.

Education and experience

• Bachelor’s or master’s degree in information security, engineering, risk management, compliance, law or a related field.
• At least 5 years of experience in assurance, risk management, compliance, auditing or control design in complex technical environments.
• Strong understanding of security and risk frameworks such as ISO/IEC 27001, NIST CSF or equivalent.
• Proven experience working with control frameworks, assurance registers, evidence management and audit processes.
• Familiarity with R&D, engineering or digital product landscapes and their associated risks.
• Demonstrated ability to operate independently and authoritatively in a multi‑stakeholder environment.
• Relevant certifications are a strong advantage.

Skills

Working at the cutting edge of technology and innovation means navigating complexity, ambiguity and change. You thrive in an environment where independence, collaboration and professional judgment are equally important.

To succeed in this role, you will need to:

• Apply a structured, independent assurance mindset focused on business outcomes and evidence.
• Analyze complex systems and processes and identify structural risk drivers.
• Communicate clearly and credibly with technical experts, business leaders and auditors.
• Influence stakeholders and challenge them constructively.
• Translate abstract requirements into practical, testable controls.
• Balance pragmatism with rigor in a fast‑paced R&D environment.
• Handle sensitive information with integrity, discretion and professionalism.
• Continuously deepen your domain expertise and assurance capabilities.

Other information

This position requires access to controlled technology, as defined in the United States Export Administration Regulations (15 C.F.R. § 730, et seq.). Qualified candidates must be legally authorized to access such controlled technology prior to beginning work. Business demands may require ASML to proceed with candidates who are immediately eligible to access controlled technology.

Inclusion and diversity

ASML is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that inclusion and diversity is a driving force in the success of our company.

Need to know more about applying for a job at ASML? Read our frequently asked questions.