Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.
The Position
Who We Are
A healthier future. It’s what drives us to innovate.
To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love.
That’s what makes us Roche.
The role
Data security and privacy are key success factors in our digital transformation and essential to reach our ambitions. You are inspired to give to the overall Roche Diagnostics vision by applying end-to-end Division-wide product security and privacy operations to keep our products and services secure and privacy compliant throughout the entire lifecycle. You believe in the potential of science, technology, data and insights to improve the standard of care for humankind and you are eager to help navigate through unchartered territory to lift this potential.
Responsibilities
-
Defining security and privacy requirements for Roche products, medical devices or health/clinical solutions both in the cloud and on-premises during all product software development lifecycle.
-
Contributing to the development and support implementation of security and privacy risk management framework across the product lifecycle.
-
Supporting in the definition, implementation and maintenance of product security and privacy control measures for a product or platform, considering changes in technology, regulations and customer needs.
-
Managing vulnerabilities at all technology layers during pre and post market activities of the product or platform, making sure they are fixed in a timely manner.
-
Supporting the security testing activities (SCA, SAST, DAST, IAC, etc.) for a given product, helping to automate execution and deliverables and support on the remediation activities.
-
Conducting planning and coordination of external security testing activities (verification & validation) and remediation plans (e.g. pentest).
-
Supporting security incident response and forensic activities working directly with the Roche Intelligence and Defense teams.
Who you are
-
BA/BS in Engineering, Computer Science or relevant area of study required.
-
Security industry certifications such as SANS GIAC (GCIH, GPEN, GCIA, GCFA, etc.), CEH, CISSP, CSSP, CISA, etc.
-
Minimum of 7+ years of related work experience in security engineering, security operations, vulnerability management or application security.
-
Demonstrated experience working with product software development and cloud platform teams, preferably in international companies in the healthcare or regulated industries.
-
In-depth experience in analyzing product security posture, threat and risk landscape, performing threat modeling and defining adequate security and data privacy controls to mitigate risks.
-
Excellent interpersonal skills with high cross-cultural sensitivity; ability to collaborate and communicate across multiple international teams; commitment to working as a team player across Business Areas and Divisions.
Location
You will be based in one of RIS’ strategic locations (Sant Cugat, Rotkreuz, Pune, Santa Clara) . At the Company's discretion, an exception to the location requirement could be made under extraordinary circumstances. As this position is a global role, international business travel will be required depending upon the business location of the successful candidate and ongoing business project activities.
Who we are
At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche is an Equal Opportunity Employer.
Top Skills
What We Do
Roche is a global pioneer in pharmaceuticals and diagnostics focused on advancing science to improve people’s lives. The combined strengths of pharmaceuticals and diagnostics under one roof have made Roche the leader in personalised healthcare – a strategy that aims to fit the right treatment to each patient in the best way possible.
Roche is the world’s largest biotech company, with truly differentiated medicines in oncology, immunology, infectious diseases, ophthalmology and diseases of the central nervous system. Roche is also the world leader in in vitro diagnostics and tissue-based cancer diagnostics, and a frontrunner in diabetes management.
Founded in 1896, Roche continues to search for better ways to prevent, diagnose and treat diseases and make a sustainable contribution to society. The company also aims to improve patient access to medical innovations by working with all relevant stakeholders. Thirty medicines developed by Roche are included in the World Health Organization Model Lists of Essential Medicines, among them life-saving antibiotics, antimalarials and cancer medicines. Roche has been recognised as the Group Leader in sustainability within the Pharmaceuticals, Biotechnology & Life Sciences Industry ten years in a row by the Dow Jones Sustainability Indices (DJSI).
