.Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people's varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.The PositionYour main responsibilities:Conducting Incident Response, vulnerability scanning and other security testing activities proactively identifying flaws in Roche's product security, assesses patient safety and business risk, and advises product managers on remediation steps.Handling security incidents at all technology layers, evaluating the criticality for adequate prioritization and providing the most suitable remediation, working directly with the product teams as a trusted advisor.Analyzing log files, alerts, binary data dumps, network packet captures and other artifacts/evidence to trace attack paths during incident response and provide forensic expertise to determine the root cause of the breach. Gathers Threat Intelligence to identify and prepare for cyber threats to Roche products and enhance security monitoring and breach detection.End-to-end accountable for security operations activities, prioritization and coordination of tasks during isolation, containment, analysis, and remediation of security incidents and breaches.Providing expertise to answer inquiries, pre-sales requests, M&A, contract negotiations and other cybersecurity-related customer support & contributing to initiatives within the Diagnostic Division to achieve the integration of cybersecurity capabilities into products in collaboration with other multi-disciplinary teams.Who you are:You hold a BS degree in Business, Information Systems, Computer Science or a directly related discipline and you have 4 years of relevant experience in similar roles OR you hold an MS degree in a directly related discipline and 2 years of relevant experience in similar roles OR a PhD degree in a directly related discipline.You have demonstrated experience in Cloud computing technologies, full stack deployments, etc. & in threat and vulnerability management, security testing, and incident response. Also with automating security controls (e.G. shell scripting, Python).You have in-depth experience in managing information security and privacy risks and threat modeling; in system and cloud infrastructure hardening and monitoring & understanding of threat modeling, MITRE Attack, Kill Chain Analysis and other industry standard assessment methods.You sound understanding of agile software development processes like SCRUM or SAFe (Scaled Agile Framework)