At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Opportunity:
The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats.
As a CyberSecurity Analyst -Monitoring & Incident Response, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. Combing through massive amounts of signals, you will have to identify signs of abuse or compromise of on-premise as well as cloud resources. All team members share a set of core responsibilities, handling incidents, requests from experts, as well as enquiries from end users. CyberSecurity Analysts are responsible for monitoring security information, identifying threats, and showing initiative to defend all Roche information systems.
Note: As an incident responder, you are expected to take part in an on call rotation during weekends and can be mobilized during major incidents.
Responsibilities:
Monitoring and Incident Response for a global environment
Take decisions, often under pressure, given partial information
Contribute to proactive threat detection efforts
Lead containment and remediation efforts during active security incidents
Perform forensic analysis of relevant artifacts to support investigations
Contribute to detection engineering activities across a global team
Brief team members and leadership on relevant threats to the Roche group
Communicate information security concepts and situations to senior management
Contribute operational feedback to continuously strengthen detection and response processes
Mentor newer team members
Who You Are:
Bachelor’s degree in a technical field and 7+ years of experience in information security, including at least 3 years in a SOC/CERT/CSIRT environment
Familiarity with TLP and information sharing best practices
Ability to communicate information security-related concepts and situations to a non-technical audience
Demonstrated ability to analyze, triage, and escalate information security incidents
Knowledge of detection engineering and threat-hunting concepts
Scripting and programming skills (Python, Javascript, Go, Rust, …)
Demonstrated knowledge of operating systems (Windows, Linux, macOs)
Excellent organization and communication skills.
Fluent spoken and written English
Preferred Qualifications:
Network and Endpoint security monitoring experience in a large complex environment
Prior exposure to privacy frameworks in the context of IT security monitoring
Knowledge of modern IAM controls and concepts (Zero Trust, Identity Aware Proxies, Active Directory Security, …)
Knowledge of Cloud security concepts (multi-cloud environments, CSPM, …)
A passion for the field of computer and network security
Familiarity with various defensive AND offensive security toolsets
Public speaking or mentoring experience
Relocation benefits are not available for this job posting
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.
Roche is an Equal Opportunity Employer.