Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people's varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.
The Position Your main responsibilities: Conducting Incident Response, vulnerability scanning and other security testing activities proactively identifying flaws in Roche's product security, assesses patient safety and business risk, and advises product managers on remediation steps.
Handling security incidents at all technology layers, evaluating the criticality for adequate prioritization and providing the most suitable remediation, working directly with the product teams as a trusted advisor.
Analyzing log files, alerts, binary data dumps, network packet captures and other artifacts/evidence to trace attack paths during incident response and provide forensic expertise to determine the root cause of the breach. Gathers Threat Intelligence to identify and prepare for cyber threats to Roche products and enhance security monitoring and breach detection.
End-to-end accountable for security operations activities, prioritization and coordination of tasks during isolation, containment, analysis, and remediation of security incidents and breaches.
Providing expertise to answer inquiries, pre-sales requests, M&A, contract negotiations and other cybersecurity-related customer support & contributing to initiatives within the Diagnostic Division to achieve the integration of cybersecurity capabilities into products in collaboration with other multi-disciplinary teams.
Who you are: You hold a BS degree in Business, Information Systems, Computer Science or a directly related discipline and you have 4 years of relevant experience in similar roles OR you hold an MS degree in a directly related discipline and 2 years of relevant experience in similar roles OR a PhD degree in a directly related discipline.
You have demonstrated experience in Cloud computing technologies, full stack deployments, etc. & in threat and vulnerability management, security testing, and incident response. Also with automating security controls (e.g. shell scripting, Python).
You have in-depth experience in managing information security and privacy risks and threat modeling; in system and cloud infrastructure hardening and monitoring & understanding of threat modeling, MITRE Attack, Kill Chain Analysis and other industry standard assessment methods.
You sound understanding of agile software development processes like SCRUM or SAFe (Scaled Agile Framework).
You have in-depth specialist knowledge in one of the following or related fields:
Malware analysis and reverse engineering
Incident response and computer forensic analysis
Endpoint detection and response (EDR/XDR)
SIEM solutions administration and security monitoring
Network security and monitoring including Firewalls and IDS/IPS solutions
Penetration testing
Secure DevOps (DevSecOps)
Threat Intelligence
What do we offer? We offer competitive compensation and excellent social benefits like flexible work schedule and home office policies, medical insurance, pension plan, allowances for marriage and birth, training related to your career development, gym, meal allowance, flexible remuneration scheme with its fiscal advantages and other benefits.
Who we are At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we've become one of the world's leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche is an Equal Opportunity Employer.
#J-18808-Ljbffr