RIS ramp up 2025 - Product Cybersecurity Analyst

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

Responsibilities:

• Support in identifying potential security issues in our products and assess their potential impact on patient safety and business operations.
   

• Assist in analyzing security logs, alerts, and other data to help trace potential attack paths and support incident investigations.
   

• Participate in security incident response activities, helping with coordination during containment, investigation, and remediation.
   

• Perform basic vulnerability scanning, assist in monitoring results, and help coordinate follow-up actions with product teams.
   

• Collaborate with more experienced team members to evaluate and prioritize security issues and suggest remediation steps.
   

• Help gather and organize threat intelligence to improve detection and response capabilities.
   

• Support customer-related security requests, including basic documentation or data gathering for audits, contract reviews, and questionnaires.
   

• Contribute to cross-functional projects aimed at improving security in our products by working closely with software developers, architects, and QA teams.
   

• Help document and improve processes, playbooks, and security tools used by the team.
   

• Maintain product security awareness through training and internal collaboration.
   

• Learn from and be guided by more experienced team members to grow in areas such as incident response, threat hunting, and secure development practices.
   

Qualifications:

• 2–5 years of experience in information security, IT operations, or software development with some exposure to security topics.
   

• Familiarity with cloud environments (e.g., AWS, Azure, or GCP) and general infrastructure concepts.
   

• Basic knowledge of security fundamentals such as authentication, encryption, network security, and application security.
   

• Interest in scripting or automation using tools like Python, Bash, or PowerShell.
   

• Understanding of key security frameworks or models such as OWASP Top 10, MITRE ATT&CK, or NIST.
   

• Willingness to learn and grow into areas like incident response, malware analysis, secure DevOps, and threat intelligence.
   

• Good communication skills and ability to work collaboratively in a team setting.
   

• Awareness of Agile development practices like Scrum or SAFe is a plus.
   

Nice to Have (But Not Required):

• Hands-on experience with SIEMs, EDR/XDR platforms, or basic forensic tools.
   

• Certifications such as Security+, GSEC, or any cloud security foundations certification.
   

• Exposure to secure coding practices, DevSecOps concepts, or penetration testing tools.

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.