At Roche you can show up as yourself embraced for the unique qualities you bring. Our culture encourages personal expression open dialogue and genuine connections where you are valued accepted and respected for who you are allowing you to thrive both personally and professionally. This is how we aim to prevent stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche where every voice matters.

The Position

Senior Security Engineer

Impact

Our Secure Access team protects the organizations global workforce by delivering and operating the technologies that enable secure reliable and compliant access to corporate resources. We work at the intersection of network security identity and cloud supporting users and business-critical systems in a regulated industry environment.

Do you want to make a meaningful impact as a Security Engineer focused on secure access and network security Do you thrive in a fast-paced self-directed environment If so wed love to hear from you!

What You Will Do

As a Security Engineer on the Secure Access team you will design implement and operate the technologies that underpin our organizations remote access web security and network protection capabilities. You will be a hands-on contributor who brings both deep technical expertise and the energy to drive improvements independently.

Purpose

The Secure Access team engineers delivers and supports the solutions used to provide secure network access across the corporate environment spanning on-premises cloud and hybrid infrastructure. The team provides hands-on engineering configuration management and automation support to keep access controls robust auditable and scalable in a regulated industry context.

Key Activities and Deliverables

• Design implement and operate Cloudflare-based web security and Zero Trust access solutions.

• Administer and support GlobalProtect VPN infrastructure including policy management troubleshooting and lifecycle operations.

• Build and maintain automation pipelines to reduce manual toil and improve consistency across security configurations.

• Manage infrastructure-as-code using Terraform and maintain version-controlled configurations in GitHub.

• Own configuration management processes in ServiceNow ensuring accurate CMDB records and change management compliance.

• Ensure security solutions meet regulatory requirements and support audit and compliance activities.

• Proactively identify gaps in access controls and propose improvements with a self-driven solution-oriented mindset.

• Collaborate with cross-functional partners including network identity and cloud teams to deliver integrated secure access capabilities.

• Mentors more junior team members and contributes to the development of security best practices

Job Skills Required

• High energy self-motivated and capable of owning work end-to-end with minimal direction.

• Accountability/Problem Solving: Independently leads the analysis of moderately complex cybersecurity incidents and technical problems clearly defining the security problem scope and driving root cause analysis for security breaches or vulnerabilities

• Identifies a diverse range of security stakeholders across functional areas and effectively manages relationships to build reliance through deep business and technical understanding acting as a trusted advisor

• Strong customer focus with a highly responsive service delivery and support ethic.

• Collaborative and communicative comfortable working across distributed cross-functional teams.

• Detail-oriented with a commitment to quality documentation and operational excellence.

• Strong written and verbal English communication skills.

Qualifications and Experience Required

• 5-7 years of hands-on technical experience in security engineering with a focus on network security and secure access technologies.

• Demonstrated hands-on experience with Cloudflare (e.g. Cloudflare Access Gateway WAF or CDN security features).

• Hands-on experience with Palo Alto GlobalProtect VPN including deployment policy management and troubleshooting.

• Proficiency with Terraform for infrastructure-as-code and GitHub for version control and collaboration.

• Experience using ServiceNow for configuration management (CMDB) change management and/or incident management.

• Proven experience building automation to support security operations (scripts workflows or CI/CD pipelines).

• Prior experience working in a regulated industry (e.g. healthcare finance pharma or government) with an understanding of compliance and audit requirements.

• Strong understanding of network security concepts including Zero Trust VPN DNS firewalls and web proxies.

Nice to Have

• Scripting or programming skills: Python PowerShell Bash or similar.

• Familiarity with Agile and DevOps practices; experience with CI/CD tooling (e.g. GitHub Actions Jenkins Ansible).

• Experience with AWS Azure or GCP cloud security services.

• Exposure to SIEM EDR or broader security operations tooling.

• Relevant certifications such as PCNSE Cloudflare Certified CCNP Security or equivalent.

Who we are

A healthier future drives us to innovate. Together more than 100000 employees across the globe are dedicated to advance science ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities foster creativity and keep our ambitions high so we can deliver life-changing healthcare solutions that make a global impact.

Lets build a healthier future together.

Roche is an Equal Opportunity Employer.