Roche

Web Access Management Engineer - RDT Identity & Access Management

San Jose, Costa Rica Full time

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

As a Web Access Management Engineer specializing in Authentication, you will be a core member of our Identity and Access Management product team, responsible for designing, building, and maintaining secure and seamless authentication experiences for our enterprise on-prem and SaaS platforms. You will play a crucial role in integrating and implementing various authentication and authorization protocols, ensuring our applications are protected against evolving cyber threats while delivering a frictionless user experience.

The Opportunity

Responsibilities

Authentication & Authorization Implementation

  • Design, test, and deploy reusable authentication and authorization components across the enterprise while adhering to security best practices and architectural guidelines
  • Implement enterprise IAM solutions and integrate with identity providers (IdPs) using protocols like SAML, OAuth, and OpenID Connect (OIDC) to support Single Sign-On (SSO)
  • Implement and manage secure MFA mechanisms, including exploring and deploying passwordless authentication solutions to enhance user security
  • Develop hands-on experience with token-based authentication (JWT), session management, and secure communication via RESTful APIs and HTTP/HTTPS

API Security & Backend Integration

  • Collaborate with backend developers to define and implement robust API security measures, including token validation and authorization mechanisms
  • Ensure secure integration across authentication flows and establish security standards for token handling and authorization frameworks

Production Support & Incident Management

  • Apply ITIL principles to troubleshoot authentication issues in production environments and participate in change management processes
  • Work with security teams to mitigate authentication vulnerabilities and perform root-cause analysis on authentication-related incidents
  • Investigate security incidents and perform vulnerability assessments on authentication systems

Continuous Learning & Evolution

  • Stay updated on cutting-edge authentication technologies, security threats, and industry best practices to continuously improve security systems
  • Demonstrate a mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies
  • Contribute to minor process improvements within your immediate scope and identify opportunities for technical refinement

Stakeholder Collaboration & Communication

  • Work closely with product managers, security engineers, and developers to create secure and user-friendly authentication flows that meet business and technical requirements
  • Identify key business, technical, and security stakeholders for assigned tasks, analyzing their needs and interests regarding security posture and risk
  • Develop and deliver tailored communication for security tasks and incident updates
  • Facilitate meetings and proactively engage with stakeholders to elicit, clarify, and validate security requirements

Feature Development & Reliability

  • Develop and maintain reliable and scalable authentication and authorization features to ensure the adoption of security best practices across the organization
  • Contribute to projects by providing well-analyzed requirements and supporting the design of solutions that align with business objectives
  • Translate requirements into strategic plans with appropriate oversight and demonstrate growing autonomy within your domain

Who You Are

Experience & Education

  • 3-5 years of experience as a Web Developer with a significant focus on authentication and authorization implementations
  • Bachelor's Degree in Computer Science, Software Engineering, or a related discipline, or equivalent practical experience
  • Experience in conducting stakeholder interviews, synthesizing requirements, and mapping/analyzing current processes
  • Demonstrated ability to independently handle less complex tasks and contribute to various stages of the security and business analysis lifecycle
  • Working knowledge of relevant business domains and supporting cybersecurity technologies

Technical Expertise

  • Strong proficiency in web development frameworks and languages (React, Angular, Vue.js, Node.js, Python, Java, C#)
  • Demonstrable experience working with Identity and Access Management (IAM) solutions such as Okta, Entra ID (Azure AD), Ping Identity, Auth0, or similar
  • Practical experience with SAML, OAuth 2.0, and OpenID Connect (OIDC) protocols
  • Experience implementing and integrating various MFA methods (TOTP, FIDO2/WebAuthn, biometric authentication, YubiKey)
  • Familiarity with secure coding practices and common web application vulnerabilities (OWASP Top 10)
  • Skilled in modern web development frameworks and programming languages (JavaScript/TypeScript, Python, Java, Go, C#)
  • Experience with version control systems (Git), CI/CD pipelines for secure code deployment
  • Optional scripting expertise with Python, Bash, or PowerShell
  • Understanding of Zero Trust principles, authentication factors (FIDO2/WebAuthn, biometrics, magic links)
  • Knowledge of user provisioning methods (JIT) and directory services (LDAP, Active Directory)
  • Strong debugging and problem-solving skills, particularly with complex authentication flows

Professional Qualities

  • Strong communication skills to convey technical concepts to diverse audiences
  • Demonstrated success working collaboratively in Agile environments and contributing to cross-functional teams
  • Strong analytical and logical reasoning skills to identify discrepancies, challenge assumptions, and confidently present solutions
  • Ability to navigate moderate levels of complexity in requirements and stakeholder landscapes
  • Growing understanding of sources of influence and ability to analyze business problems/opportunities within your product context
  • Capability to break down complex technical concepts with minimal guidance
  • Proactive mindset with a focus on identifying and addressing inefficiencies and gaps

If you are a talented web developer with a passion for building secure, user-centric authentication solutions, we'd like to hear from you. This is an excellent opportunity to grow your expertise in identity and access management while working on enterprise-scale platforms that impact global security operations.

Relocation benefits are not available for this job posting.

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.


Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.