Cybersecurity Analyst Incident Response

Roche fosters diversity equity and inclusion representing the communities we serve. When dealing with healthcare on a global scale diversity is an essential ingredient to success. We believe that inclusion is key to understanding peoples varied healthcare needs. Together we embrace individuality and share a passion for exceptional care. Join Roche where every voice matters.

The Position

The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst you will help protect proprietary information patient data keep computer systems clean and provide a safe information environment for our users. All analysts are responsible for monitoring security information identifying threats and taking actions to defend all Roche information systems.

This is an OnSite position based in Madrid Spainand part of a round robin oncall schedule to cover weekends with recuperation.

The Opportunity:

As a Cybersecurity Analyst in the Monitoring and Incident Response team you will partner with other security experts to proactively identify areas of improvement design and validate preventative and detective controls as well as design response strategies within a global enterprise. You will leverage your knowledge technical abilities and creativity to navigate a diverse set of security related logs and telemetry. In addition to hunting you will work to identify and address visibility and logging deficiencies within the network.

• You triage and investigate reported security incidents.

• Refine incident management processes and response processes.

• You maintain awareness of emerging threats vulnerabilities and security trends to proactively identify and address potential risks impacting all members of the Roche group.

• Address questions of end users related to IT security topics through our communication channels.

Who you are:

• You hold a Bachelors degree in Computer Science Information Technology Cybersecurity or at least four years of equivalent work experience in the information security field.

• You have experience driving threat hunting incident response or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors as well as their respective mitigation strategies.

• Proficiency with scripting or programming languages such as Python Powershell/C# Bash.

• Industry relevant certifications such as BTL1/2 GMON GCIH GCFA GREM are appreciated but not mandatory.

• You are proficient in clearly articulating technical findings and recommendations to both technical and nontechnical stakeholders and the capability to work independently or as part of a team.

• You have a passion for the field of computer and network security.

Preferred:

• You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment.

• Demonstrated ability to analyze triage and escalate information security incidents as well as being familiar with various defensive and offensive security tool sets.

• You are comfortable challenging the status quo to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK STRIDE).

• Experience with Google Workspace Microsoft Office 365 Entra ID Sharepoint Online PAN XDR Splunk BigQuery and threat intel platforms such as MISP OpenCTI

• You are proficient in English German is a plus as well as experience working with a global team and organization.

Relocation benefits are not available for this posting

Who we are

At Roche more than 100000 people across 100 countries are pushing back the frontiers of healthcare. Working together weve become one of the worlds leading researchfocused healthcare groups. Our success is built on innovation curiosity and diversity.

Roche is an Equal Opportunity Employer.