Cybersecurity Analyst (Incident Response, Powershell/C#, Bash)

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

A healthier future. It’s what drives us to innovate. To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love. That’s what makes us Roche

The Global Security, Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. All analysts are responsible for monitoring security information, identifying threats, and taking actions to defend all Roche information systems.

This is an On-Site position based in Kuala Lumpur, and part of a round robin on-call schedule to cover weekends.

The Opportunity:

As a Cybersecurity Analyst in the Monitoring and Incident Response team, you will partner with other security experts to proactively identify areas of improvement, design and validate preventative and detective controls, as well as design response strategies within a global enterprise. You will use your knowledge, technical abilities and creativity, to navigate a diverse set of security related logs and telemetry. In addition to hunting, you will work to identify and address visibility and logging deficiencies within the network.

You will be:

• You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment.
• Demonstrated ability to analyze, triage, and elevate information security incidents as well as being familiar with various defensive and offensive security tool sets.
• Experience with Google Workspace, Microsoft Office 365, Entra ID, Sharepoint Online, PAN XDR, Splunk, BigQuery and threat intel platforms such as MISP, OpenCTI.
• You are proficient in English.
• Industry relevant certifications such as BTL1/2, GMON, GCIH, GCFA, GREM, are appreciated but not mandatory.
• You triage and investigate reported security incidents. Refine incident management processes and response processes. You maintain awareness of emerging threats, vulnerabilities, and security trends to proactively identify and address potential risks, impacting all members of the Roche group; address questions of end users related to IT security topics through our communication channels. Manage and coordinate incidents across the APAC region, serving as the single point of contact (SPOC) for all related matters.

Who you are:

• You hold a Bachelor's degree, and have +5 years of work experience in the cybersecurity field.
• You have experience driving threat hunting, incident response, or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors, as well as their respective mitigation strategies.
• Proficiency with scripting or programming languages such as Python, Powershell/C#, Bash. You are proficient in clearly articulating technical findings and recommendations to both technical and non-technical stakeholders, and the capability to work independently or as part of a team.
• You are comfortable challenging the status quo, to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK, STRIDE).
• You have problem-solving skills, you can identify issues and develop effective solutions promptly and efficiently. You have a critical thinking mindset, and you have the ability to analyze and evaluate information to guide decision-making and solve complex problems.
• You are proficient in English and you have a passion for the field of computer and network security.

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.