Public Key Infrastructure Junior Engineer

At Roche you can show up as yourself embraced for the unique qualities you bring. Our culture encourages personal expression open dialogue and genuine connections where you are valued accepted and respected for who you are allowing you to thrive both personally and professionally. This is how we aim to prevent stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche where every voice matters.

The Position

At the heart of our digital security is the trust we build through encrypted communication. As a PKI Engineer you will join our Identity and Access Management (IAM) team to help manage the core certificate infrastructure. Youll be instrumental in ensuring that our digital certificates are issued tracked and renewed without a hitch. This is a growth-oriented role where you will learn to navigate complex security infrastructures while contributing to the automation of high-volume security tasks.

Job Responsibilities

Scope

• Support the day-to-day administration of Microsoft Active Directory Certificate Services (AD CS) including basic template management and standard troubleshooting.

• Use Keyfactor Command to monitor certificate health identify expiring assets and assist in bringing untracked certificates into compliance.

• Support the deployment of ACME clients (like Certbot) for automated certificate issuance across web server environments.

• Participate in the automation of routine certificate tasks using Version Control systems and scripting as required (PowerShell or Python).

• Collaborate with senior engineers to orchestrate certificate distribution to load balancers firewalls and application servers.

Impact/Strategy

• Collaborate in the automation of routine certificate tasks using basic scripting (PowerShell or Python) and maintain scripts using version control systems.

• Assist in maintaining team internal wikis standard operating procedures and runbooks for certificate lifecycle management.

• Collaborate with senior engineers to route distribute and install certificates to load balancers firewalls and application servers.

Complexity

• Focuses primarily on executing defined procedures troubleshooting routine issues and escalating complex anomalies to senior team members.

• Contributes to team agility by identifying operational inefficiencies and proposing minor process improvements within immediate daily tasks.

• Demonstrates growing autonomy within the specific domain by translating daily requirements into structured tasks under direct supervision.

Business/Technical ability

• Possesses a working knowledge of the relevant business domain and supporting technologies

• Understands sources of influence comprehending internal and external factors affecting the problem space and is capable of identifying and analyzing basic business problems or opportunities holistically

Qualifications

Education / Experience

• Experience: 12 years of experience in an IT Helpdesk Systems Administration or junior Security Operations (SOC) role. An internship focused on infrastructure or security is highly valued.

• Education: Bachelors Degree in Computer Science Cyber Security or equivalent practical experience.

• Working knowledge of relevant business domains and supporting cybersecurity technologies

• Demonstrated ability to independently handle defined tasks and contribute to various stages of the security and business analysis lifecycle

Technical Skills

• Understanding of Zero Trust principles authentication factors and cryptography.

• A solid understanding of cryptography basics (Symmetric vs. Asymmetric Hashing Digital Signatures).

• Experience with Windows Server and Active Directory. Exposure to web servers like IIS Apache or Nginx. Comfortable using Git for basic file management and collaboration.

• Knowledge of the ACME protocol or experience using tools like Certbot.

• Familiarity with PowerShell or Python for automating repetitive tasks.

• Familiarity with Git for version control and basic exposure to scripting (PowerShell Bash or Python) for automating repetitive tasks.

• Communication skills to collaborate effectively within Agile/cross-functional teams with a structured approach to problem-solving.

• Eagerness to learn and a desire to work toward foundational certifications like CompTIA Security or Microsoft SC-300.

Additional Qualifications

• A mindset of continuous improvement with a proactive approach to identifying solution-level issues gaps or inefficiencies

• Strong analytical and logical reasoning skills to identify discrepancies challenge assumptions and confidently present solutions

Who we are

A healthier future drives us to innovate. Together more than 100000 employees across the globe are dedicated to advance science ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities foster creativity and keep our ambitions high so we can deliver life-changing healthcare solutions that make a global impact.

Lets build a healthier future together.

Roche is an Equal Opportunity Employer.