At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Position
The Senior Security Engineer plays a vital role in protecting Roche Manufacturing systems and networks against cybersecurity threats. This role is responsible for local architecture and engineering support, helping system owners and administrators in keeping their manufacturing environment up to date with the latest Roche Manufacturing Cybersecurity standards, baselines and industry best practices. Some of this role’s responsibilities are:
Taking part in technical design reviews, integration, testing, and documentation activities concerning new OT systems and/or changes to existing manufacturing systems or infrastructure
Supporting development of Manufacturing Cybersecurity standards and baselines
Acting as OT Cybersecurity Advisor during the OT System planning phase and OT System Risk Assessment process
Advising System Owners in selecting appropriate security measures to mitigate risk
Coordinating OT services and activities delivered by vendors
Reviewing local technical designs as part of Manufacturing Cybersecurity Requests (in ServiceNow)
Designing and sustaining OT Security Monitoring (IIDS) at the Manufacturing Site
Providing technical support during the Incident Response process, including steps to minimize the impact and conducting a technical and forensic investigation into how the breach happened and the extent of the damage
Working closely with System Owners and the Cybersecurity Site Representative, and acting as a catalyst for cross-site collaboration on topics related to Manufacturing Cybersecurity
The Senior Security Engineer is a member of the Manufacturing Cybersecurity Engineering team led by the Head of Manufacturing Cybersecurity Engineering and part of the Security Platforms subfunction in the Information Security function at Roche.
Job Responsibilities
Independently manages end-to-end security analysis tasks across various capabilities and contributes to more complex problems
Mentors more junior team members and contributes to the development of security best practices
Stakeholder Management
Identifies a diverse range of security stakeholders across functional areas and effectively manages relationships to build reliance through deep business and technical understanding, acting as a trusted advisor
Acts as a strategic influencer, defining and driving stakeholder engagement strategies for complex initiatives, facilitating workshops, resolving conflicts, and proactively shaping stakeholder perspectives to align with project goals
Impact/Strategy
Demonstrates strong and consistent performance across diverse products, with an impact that typically extends to a specific product, initiative, or cluster
Translates requirements into strategic implementation plans that align with overall business objectives, and takes a proactive role in shaping team processes
Complexity
Manages business analysis activities on more complex projects or across multiple products within a domain
Capable of handling ambiguous requirements, navigating intricate stakeholder environments, and evaluating solution impacts considering both immediate and longer-term implications within the domain
Business/Technical ability
Demonstrates a strong understanding of the business domain, related technologies, and their interdependencies
Can independently apply tools, principles, concepts, and techniques related to requirements, data, usability, and process analysis, effectively managing interconnections to improve overall efficiency and effectiveness
Qualifications
Education / Experience
Experience independently managing end-to-end security analysis tasks and leading the analysis of moderately complex cybersecurity incidents or vulnerabilities
Demonstrated ability to effectively manage relationships with a diverse range of cross-functional stakeholders on medium to large-sized engagements, acting as a trusted advisor
Proven track record of championing accountability by example, such as successfully taking on security incident lead and/or security project owner roles
Bachelor’s degree in Computing Engineering, Automation Engineering or similar is an asset.
Technical Skills
Minimum 5 years of experience in the IT Security field
Very good knowledge about local manufacturing and automation systems in use according to the current industry standards is an asset
Strong proficiency in independently applying tools, principles, and concepts related to requirements, data, usability, and process analysis within the security domain
Ability to analyze technology fit and propose effective, strategically aligned cybersecurity solutions and controls
Additional Qualifications
The following skills and/or qualifications are an asset:
Expertise in anti-virus software, intrusion detection, firewalls and content filtering in OT
Knowledge of risk assessment tools, technologies and methods
Expertise in designing secure networks, systems and application architectures
Disaster recovery, computer forensic tools, technologies and methods
System administration, supporting multiple platforms and applications
Endpoint security solutions, including file integrity monitoring
Deep understanding of cybersecurity terms and principles (defense-in-depth, network segmentation, security monitoring and incident response, access management, OT patch management, secure remote access, anti-malware protection etc.)
Advanced knowledge of networking (LAN/WAN) and industrial networking, including significant low-level networking experience with TCP/IP (Transmission Control Protocol/Internet Protocol)
Solid knowledge of IT and OT infrastructure, including PLC security and protection
Current knowledge of technology capabilities and trends; types and techniques of hacking attacks
Java, .NET, C++, Python, Bash, PowerShell
One of five potential security-related certifications (Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information Systems Security Professional (CISSP), ISA/IEC 62443 Cybersecurity Specialist certification, Global Industrial Cyber Security Professional (GICSP))
Solid knowledge of the IT infrastructure and service deployment model within Roche
Good knowledge of the Roche IT Security Standards
Who we are
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.
Roche is an Equal Opportunity Employer.