The Position
The Global Security, Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. All analysts are responsible for monitoring security information, identifying threats, and taking actions to defend all Roche information systems.
This is an On-Site position based in Madrid, Spain, and part of a round robin on-call schedule to cover weekends, with recuperation.
The Opportunity:
As a Cybersecurity Analyst in the Monitoring and Incident Response team, you will partner with other security experts to proactively identify areas of improvement, design and validate preventative and detective controls, as well as design response strategies within a global enterprise. You will leverage your knowledge, technical abilities, and creativity to navigate a diverse set of security-related logs and telemetry. In addition to hunting, you will work to identify and address visibility and logging deficiencies within the network.
You triage and investigate reported security incidents.
Refine incident management processes and response processes.
You maintain awareness of emerging threats, vulnerabilities, and security trends to proactively identify and address potential risks impacting all members of the Roche group.
Address questions of end users related to IT security topics through our communication channels.
Who you are:
You hold a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or at least four years of equivalent work experience in the information security field.
You have experience driving threat hunting, incident response, or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors, as well as their respective mitigation strategies.
Proficiency with scripting or programming languages such as Python, Powershell/C#, Bash.
Industry relevant certifications such as BTL1/2, GMON, GCIH, GCFA, GREM, are appreciated but not mandatory.
You are proficient in clearly articulating technical findings and recommendations to both technical and non-technical stakeholders, and the capability to work independently or as part of a team.
You have a passion for the field of computer and network security.
Preferred:
You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment.
Demonstrated ability to analyze, triage, and escalate information security incidents as well as being familiar with various defensive and offensive security tool sets.
You are comfortable challenging the status quo to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK, STRIDE).
Experience with Google Workspace, Microsoft Office 365, Entra ID, Sharepoint Online, PAN XDR, Splunk, BigQuery and threat intel platforms such as MISP, OpenCTI.
You are proficient in English, German is a plus as well as experience working with a global team and organization.
Relocation benefits are not available for this posting.
Genentech is an equal opportunity employer, and we embrace the increasingly diverse world around us. Genentech prohibits unlawful discrimination based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin or ancestry, age, disability, marital status, and veteran status.
#J-18808-Ljbffr
