DevSecOps Security Engineer - Embedded Security and Compliance

Roche

2 - 5 years

Pune

Posted: 16/04/2025

Job Description

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

We are seeking a highly skilled DevSecOps Security Engineer to join our team and play a pivotal role in ensuring the security of our applications and infrastructure.

As a DevSecOps Security Engineer, you will be responsible for:

Security Leadership:

  • Provide technical leadership and mentorship to team members, fostering a security-first culture.

  • Collaborate with security architects and teams to define and implement security strategies and best practices.

  • Stay up-to-date with emerging security threats and trends, and recommend appropriate countermeasures.

Embedded Security Tool Expertise:

  • Be a hands-on expert in embedded security tools, such as SonarQube, Mend, Sysdig, IriusRisk, Defect Dojo, and Dependency Track.

  • Configure, maintain, and optimize these tools to ensure effective security monitoring and analysis.

DevSecOps Integration:

  • Integrate security tools and processes into the DevSecOps pipeline, ensuring that security is considered throughout the development lifecycle.

  • Collaborate with DevOps teams to automate security testing and remediation activities.

Security Training and Awareness:

  • Develop and deliver security training programs to educate team members and stakeholders about security best practices and threats.

  • Promote a security-conscious culture within the organization.

Continuous Improvement:

  • Identify opportunities for improvement in security processes and tools.

  • Drive continuous improvement initiatives to enhance the organization's security posture.

Documentation and Reporting:

  • Maintain comprehensive documentation of security policies, procedures, and standards.

  • Prepare regular security reports and dashboards to inform stakeholders about the organization's security status.

Qualifications

  • Strong experience in DevSecOps methodologies and tools

  • Deep understanding of security principles, practices, and frameworks

  • Proficiency in security tools and technologies (e.g., vulnerability scanners, intrusion detection systems, encryption tools)

  • Experience with cloud platforms (e.g., AWS, Azure, GCP)

  • Excellent communication and collaboration skills

  • Preferred certifications: CISSP, CISM, CEH

Collaboration

  • Demonstrate excellent communication skills.

  • Collaborate with external offshore vendor teams to increase value delivery.

  • Collaborate with vendors like Mend, SonarQube, GitHub, or GitLab to renew or procure permits/licenses, support, etc.

  • Collaborate with security teams.

Driving alignment with Developer Platforms Product Line strategy

  • Understand and document the Developer Platforms Product Line leadership’s vision and requirements.

  • Build relationships with the appropriate customer Product Teams and stakeholders to understand their needs and requirements.

  • Identify the gaps between the customer Product Team's toolset needs and what the Developer Platforms Product Line offers.

  • Define a vision for the Developer Platforms Product Line operating model and toolset service model.

  • Build a development, process, and strategy backlog (e.g., a formal backlog in JIRA) to achieve the Developer Platforms Product Line vision.

  • Share and obtain approval for Service Model recommendations.

  • Support delivery of the agreed-upon vision.

You will work in an agile, capacity-based model to continually prioritize project needs using traditional agile sprint reviews with Roche’s Developer Platforms Product Line leadership, to review progress and align on upcoming priorities.


Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.


Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.

About Company

Roche is a global healthcare company based in Switzerland, specializing in pharmaceuticals and diagnostics. It focuses on developing innovative medicines and diagnostic tools, particularly in areas such as oncology, immunology, infectious diseases, ophthalmology, and neuroscience. Roche is known for its personalized healthcare approach, leveraging data-driven insights and cutting-edge biotechnology to improve patient outcomes. The company operates in over 100 countries and is a leader in diagnostics and targeted cancer therapies.
