Security Engineer, Vulnerability & Exposure Management
Petaling Jaya - Malaysia
Job Summary
At Roche, you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Position
The Global Security Monitoring & Incident Response (MIR) team at Roche is dedicated to protecting our networks, systems, applications, and users from constantly evolving cyber threats. As a Security Engineer within the Vulnerability & Exposure Management team, you will play a critical role in identifying, assessing, prioritizing, and reducing cybersecurity risks across Roche's global environment.
This role goes beyond reviewing scanner outputs. You will help investigate critical vulnerabilities, assess exploitability, improve security tooling and automation capabilities, and partner with stakeholders globally to strengthen Roche's security posture.
You will join a collaborative and highly technical cybersecurity team that values innovation, curiosity, continuous learning, and proactive risk reduction.
Your Opportunity
In this role, you will:
Triage, investigate, and respond to critical vulnerabilities impacting Roche systems and applications
Evaluate and prioritize vulnerabilities identified through security tools and external programs, including bug bounty initiatives
Research emerging threats and assess exploitability against Roche's attack surface
Collaborate with infrastructure, cloud, application, and security teams to drive remediation activities
Assess company systems and web applications using automated and manual testing approaches
Engineer and enhance vulnerability scanning, detection, automation, and monitoring capabilities
Contribute to security monitoring and incident response activities within a global environment
Develop scripts, detection logic, templates, and automation workflows to improve operational efficiency
Support continuous improvement initiatives across vulnerability and exposure management processes
Who you are
You bring a strong cybersecurity foundation combined with analytical thinking, technical curiosity, and a proactive approach to solving complex security challenges.
You also bring:
Associate Degree in a relevant field or 5 years of professional experience in information security, with demonstrated experience triaging, analyzing, and escalating security vulnerabilities
Strong understanding of web application, network, endpoint, and cloud security concepts, including vulnerability management or attack surface management within complex enterprise environments
Hands-on scripting or programming experience using languages such as Python, JavaScript, or with familiarity in security tooling, detection logic, automation, or custom scripting
Experience validating vulnerabilities, assessing exploitability, and supporting security monitoring or incident response activities
Ability to communicate technical risks effectively to both technical and non-technical stakeholders while balancing operational priorities and research initiatives
Passion for cybersecurity, continuous learning, and emerging security trends, with exposure to open-source security projects or modern AI-assisted engineering workflows considered advantageous
Professional fluency in English, with industry certifications related to offensive or application security (e.g. OSCP, GWAPT, OSWE) and enterprise cloud security experience viewed as strong assets
Who we are
A healthier future drives us to innovate. Together, more than 100,000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let's build a healthier future, together.
Roche is an Equal Opportunity Employer.
Required Experience:
IC
About Company
F. Hoffmann-La Roche AG is a Swiss multinational healthcare company that operates worldwide under two divisions: Pharmaceuticals and Diagnostics. Its holding company, Roche Holding AG, has bearer shares listed on the SIX Swiss Exchange. The company headquarters are located in Basel.