At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

We are seeking an experienced Cybersecurity Analyst with expertise and focus on data security (data loss prevention mechanisms, insider threats detection mechanisms, and related) to join the Global Monitoring and Incident Response team. In this role, you will be responsible for designing, implementing, and monitoring controls and technologies around data storage and data transfers aligned with the Roche Group’s IT Security strategy. Using modern tools and partnering with multiple business units globally, you will help the Roche group keep information safe. 

Responsibilities:

- Contribute to the definition of data security strategy and operating models around collaboration platforms such as Salesforce, Google Workspace, Microsoft Office365, Box.com, Alibaba drive, Tencent Drive, Veeva Docs, etc.

- Articulate and contribute to the strategic direction of the organization regarding data security, ensuring alignment with strategic themes, while performing analyst duties.

- Support the adoption of best practices for data security across internally developed  applications, through developer education and auditing of controls.

- Design and implement a baselining process, supporting a regular review of the network applications and protocols in use in the environment.

- Design, develop, implement, and maintain detection use cases leading to the creation of investigations and refinement of data security controls in the environment.

- Run investigations related to data security and collaborate with various teams across the organization, such as Legal, Internal Investigations, Data Privacy, etc.

- Collaborate with cross-functional teams to implement security controls, mitigate risks, and enhance the overall security posture.

- Establish rapport and act as a liaison with various internal audit, compliance, scientific, regulatory, and legal teams to address security concerns, and translate requirements into technical controls within the environment when applicable. 

- Assess requirements of the various lines of business and align solutions to balance enablement of the business with appropriate security controls.

- Participate and provide support to the rest of the Monitoring and Incident Response team during exercises and incidents.
 

Qualifications:

- Bachelor's degree in Computer Science, Information Technology, or related field; or at least four years of equivalent work experience.

-  3+ years experience in Data Loss Prevention and Insider Threat is required; demonstrable passion for this area of security is highly desired.

- 1 -2 years experience with deploying, configuring, and maintaining commercial DLP solutions or ecosystems such as Google Beyond Corp Enterprise, or Microsoft  Purview.

- Experience developing custom tools or scripts for security automation and incident response. Proficiency in scripting languages, Python, Go, PowerShell, or Bash scripting, is a must.

- Experience with large dataset manipulation, transformation, is desired. Experience with Splunk, BigQuery, is a plus.

- Relevant cyber security certifications, such as CISSP, ITPM or GIAC certifications, are optional but highly desired.

- Knowledge of the investigative process for DFIR and user-centric investigations. 
- Excellent analytical skills, attention to detail, and problem-solving abilities. Ability to work independently, or in a team capacity, with minimal supervision to design, implement, and manage DLP solutions, is expected.

- Effective English writing and communication skills, with the ability to clearly articulate technical controls and recommendations to both technical and non-technical stakeholders.

- Familiarity with the common data classification frameworks is a plus. 

- International experience in a global organization is a plus.

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.