Senior DevSecOps Engineer - Cybersecurity

• Evaluate, select, design, and configure security infrastructure systems in a global environment.
• Identify, integrate, monitor, and improve infosec controls by understanding business processes.
• Assist with complex projects and automation of day-to-day security operations to improve SLA.
• Automate Incident response process using open-source or industry-standard tools and frameworks.
• Roll-out of new cross-cutting technologies - container clusters and service mesh, secrets management, monitoring, and logging solutions.
• Spend time with security ensuring that their needs are built into automated guardrails for developer resources.
• Own and ensure that internal and external SLA’s meet and exceed expectations, Security Engineering centric KPIs are continuously monitored and improved.
• Participate in on-call rotation to provide infrastructure support, incident management, and troubleshooting.

You have a University degree in computer science, engineering, or other related fields, or equivalent experience, with moderate experience working in a multicultural environment and proven cultural awareness.

• 3+ years related technical experience in Platform Security Architecture or Engineering.
• 5+ years of related work experience in cloud platforms: AWS (preferred)/Azure/GCP.
• 3+ years experience in industry-standard tools & Frameworks like Splunk, Tenable, Mitre Att&ck, etc.
• Design, implement, support, and evaluate security-focused tools, vulnerability management tools, and services (cloud security services) and cloud-agnostic ones.
• Conduct periodic Vulnerability assessment. Participate in incident handling and other related duties to support the information security function.
• Demonstrated experience in one or more programming languages (preferably Java or Python).
• Experience with SOAR platform to automate security operations.

Furthermore, you bring very good interpersonal skills, a team player attitude, and mindset, and you like bringing others up to speed on technology.

• Demonstrated ability to adapt to new technologies and learn quickly.
• Effective at engaging with teams in various functions and across different levels.
• Strong organizational skills and ability to prioritize and manage multiple projects simultaneously.
• You have experience with automation for infrastructure deploy/manage - terraform, cloudformation, resource manager, or similar.
• Industry-recognized certifications provided by GIAC, ISACA, ISC2.
• Cloud Security Certifications like AWS Certified Security Specialty are preferred.
• Healthcare software experience preferred.
• Experience with clinical workflow solutions or in a clinical environment is a plus.

Roche embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills.

Roche is an Equal Opportunity Employer.