蚂蚁金服Ant International-Enterprise Risk Management Senior Manager-Enterprise Risk Management

KEY PURPOSE OF ROLE The Country Security Lead (CSL) for ASML China acts as the local representative of the ASML CISO and protects and secures ASML’s Intellectual property, digital assets and technologies in China, in line with ASML’s Security strategy. The CSL for China develops and implements comprehensive security roadmaps for China, in close alignment with the local sector 1st line Security Risk Managers and the central 2nd line security team, to protect sensitive data against cyber and physical threats and ensures compliance with relevant regulations. ASML manages 1st line security via the sectors which creates a challenge on country level where multiple sectors can be represented. To manage security from a country point of view with local security risk managers reporting into the central sector SRM’s, ASML set up a Virtual Security Team (VST) to bring all relevant (security) representatives together in one virtual team to manage jointly security for China. The CSL forms and drives the Virtual Security Team (VST) in China, consisting of China’s first and second line security representatives and other relevant stakeholders, to improve the level of security maturity in China and report progress to the country’s Management Team. KEY RESPONSIBILITIES Overall: responsible for managing the China security organization on behalf of the CISO of ASML, driving the development and delivery of security services in China. Challenge and verify the adequate performance of security controls in China, against ASML and China risk appetite and as executed by the first line of responsibility in the sectors in China. Strategy: execute the central security strategy as determined by the CISO and adding country specific aspects to it to improve security maturity. Risk management: Collaboration with the 1st line sector SRMs to identify, assess and mitigate security risks, overseeing and reporting via the China Virtual Security Team (VST). Identify improvement opportunities together with the 1st line sector SRMs’ and the 2nd line team in terms of processes and activities. The CSL provides necessary support for improvements and will act in a pivotal role to bring (security) teams together where needed Incident response: overseeing the development of country specific response plans, assuring the timely and thorough handling of security indents under coordination of the central Security Operations Centre Compliance oversight: ensuring adherence to centrally determined or country specific laws and regulations related to information security. Team leadership & capability building: act on behalf of the CISO of ASML and work closely together with the 1st line country SRM’s to define and execute a joined security roadmap for China. Assure the capabilities as required by the central Second Line Security, Intelligence Fusion Centre and Security Operations Center teams are developed and maintained, as well as organizing Security activities related to risk culture and awareness initiatives. Will drive the preparation of a uniform reporting out to the China Country Management Team and align with the CISO and the VST team the agenda for these meetings. Stakeholder engagement: Providing regular updates, in alignment with the local first line sector Security Risk Managers of the VST, to senior management in China on the status of information security in China and the central information security program. Considering the given governance, this will always be in alignment with the respective 1st line SRM. Providing the general security training to all China staff to improve their awareness Some travel will be required to other ASML offices in China, and abroad (+/- 15%) KEY WORKING RELATIONSHIPS External: Security Vendors, Customers, Suppliers, (always in alignment with local account management and procurement teams, Industry Peers and Forums) Internal: ASML China IT, local ASML Sector Security Functions, RBA&S, Legal, Sectors

Ant International's Compliance and Risk Management Platform actively embraces increasingly stringent regulatory requirements worldwide. We leverage diverse thinking, platform capabilities, and innovative solutions to develop regulatory compliance technology products that serve global mobile payments, safeguarding the company from compliance, privacy, and financial risks. 1. Compliance Intelligence Center Development ● Lead the design and implementation of a global compliance monitoring & interpretation system, utilizing technical solutions (e.g., web crawlers) to track financial regulations, privacy laws (GDPR, CCPA), custodial fund policies, and other regulatory requirements across jurisdictions. ● Develop structured regulatory analysis tools to generate actionable compliance recommendations, collaborating with compliance teams to drive internal remediation. ● Establish a regulatory risk early-warning mechanism to provide proactive compliance support for global business expansion. 2. Legal Contract Center Development ● Build an end-to-end contract lifecycle management platform covering drafting, approval, signing, performance monitoring, and archiving. ● Partner with legal teams to design intelligent contract review modules (e.g., clause compliance verification, risk clause alerts). ● Create a centralized contract data repository enabling multi-dimensional search and statistical analysis to enhance legal operational efficiency. 3. Risk Assessment Product Development ● Develop enterprise-level risk evaluation tools to standardize requirement review processes (e.g., data security, fund flow analysis, technical compliance). ● Design automated risk assessment models integrating cross-departmental data to balance review efficiency and risk control effectiveness. ● Deliver visualized risk dashboards to facilitate executive decision-making and cross-functional collaboration. 4. Cross-functional Collaboration ● Coordinate with compliance, legal, privacy, and technology teams to implement risk control products across all business lines. ● Continuously monitor payment industry regulatory trends and refine product strategies to address emerging risks.

Build and foster relationships with senior executives in business, product, engineering, finance and tech within customers’ organization Drive overall account health including product development, payments performance, cost optimization, account renewals & growth, and customer satisfaction Support expansion of your customers, identify opportunities, drive business outcomes, and ensure customers are satisfied with Antom services Coordinate with internal cross-functional stakeholders (including financial institution business development, product, tech, legal, and compliance) to launch projects for customers Leverage industry knowledge to set account strategies, and execute deals and initiatives Manage strategic planning and negotiation/expansion with our customers Manage multiple stakeholders with varying priorities and drive creative solutions and commitment to a shared goal

• A proven track record of implementing, delivering large projects and communicating effectively at executive level • Manage a portfolio of critical security offerings and services that are internal and external facing • Excellent program and project management skills, with the ability to work in a fast-paced environment • Effective prioritization of tasks, and seamless operation across organizational boundaries • Building and deploying training programs for all users in the Greater China Region • Brief customers on AWS CIRT and AWS Security Incident Response service • Continuously prioritize risk for service teams, security teams, and executive leadership • Collaborate with business/service teams to understand and confirm security assessment scope and controls design