At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
At the heart of our digital security is the trust we build through encrypted communication. As PKI Engineer, you will join our Identity and Access Management (IAM) team to help manage the core certificate infrastructure. You’ll be instrumental in ensuring that our digital certificates are issued, tracked, and renewed without a hitch
This is a growth-oriented role where you will learn to navigate complex security infrastructures while contributing to the automation of high-volume security tasks.
Job Responsibilities
Scope
Assist in the day-to-day administration of Microsoft Active Directory Certificate Services (AD CS), including template management and troubleshooting.
Leverage Keyfactor Command to monitor certificate health, identify expiring assets, and assist in the cleanup of "rogue" or unknown certificates.
Support the deployment and troubleshooting of ACME clients for automated certificate issuance across our web server environment.
Participate in the automation of routine certificate tasks using Version Control systems and scripting as required (PowerShell or Python).
Document PKI processes and maintain the Certificate Policy/Certification Practice Statement (CP/CPS) records.
Collaborate with senior engineers to orchestrate certificate distribution to load balancers, firewalls, and application servers.
Impact/Strategy
Contributes to projects or workgroups by providing well-analyzed requirements and supporting the design of solutions that align with business objectives within their specified area
Demonstrates growing autonomy and expertise within their specific domain by translating requirements into a strategic plan with supervision, and may identify opportunities for minor process improvements within their immediate scope
Complexity
Works on a product or larger contexts, handling requirements and analysis for specific features or components
Can navigate moderate levels of complexity in requirements and stakeholder landscapes
Begins to understand sources of influence and analyze business problems/opportunities within this product context, starting to map basic interconnections
Business/Technical ability
Possesses a working knowledge of the relevant business domain and supporting technologies
Understands sources of influence, comprehending internal and external factors affecting the problem space, and is capable of identifying and analyzing basic business problems or opportunities holistically
Who You Are
Qualifications
Education / Experience
Experience: 3–5 years in IT infrastructure, security, or a systems administration role.
Education: Bachelor’s Degree in Computer Science, Cyber Security, or equivalent practical experience.
Working knowledge of relevant business domains and supporting cybersecurity technologies
Experience in conducting stakeholder interviews, synthesizing requirements, and mapping/analyzing current processes
Demonstrated ability to independently handle less complex tasks and contribute to various stages of the security and business analysis lifecycle
Technical Skills
A solid understanding of cryptography basics (Symmetric vs. Asymmetric, Hashing, Digital Signatures).
Experience with Windows Server and Active Directory. Exposure to web servers like IIS, Apache, or Nginx. Comfortable using Git for basic file management and collaboration.
Knowledge of the ACME protocol or experience using tools like Certbot.
Familiarity with PowerShell or Python for automating repetitive tasks.
A desire to earn certifications like CompTIA Security+ or Microsoft Identity and Access Administrator (SC-300).
Understanding of Zero Trust principles, authentication factors and cryptography.
Strong communication skills to convey technical concepts to diverse audiences and demonstrated success working collaboratively in Agile environments, contributing to cross-functional teams.
Experience with version control systems (Git), CI/CD pipelines for secure code deployment, and optional scripting expertise with Curl, Python, Bash, or PowerShell. Strong debugging and problem-solving skills
Additional Qualifications
A mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies
Strong analytical and logical reasoning skills to identify discrepancies, challenge assumptions, and confidently present solutions
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.
Roche is an Equal Opportunity Employer.