Process Operations Coordinator Information Security Governance

At Roche you can show up as yourself embraced for the unique qualities you bring. Our culture encourages personal expression open dialogue and genuine connections where you are valued accepted and respected for who you are allowing you to thrive both personally and professionally. This is how we aim to prevent stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche where every voice matters.

The Position

The Information Security & Privacy By Design team is the engine behind Roches security governance. We design deliver and support the digital frameworks that protect our organization including IRAAM (Information Risk Assessment And Mitigation) PETRA (Policy Exceptions Tool for Risk Assessment ) OIA (Outsourcing Impact Assessment) and our cutting-edge GenAI security agents.

As a Process Operations Coordinator you are the Chef dOrchestre of our technical execution. Your mission is to facilitate the seamless flow of our security frameworks ensuring that process deliverables are triggered on time users are supported and reporting is accurate. You are the operational backbone that ensures our security processes are not just defined but are actively understood automated and data-driven.

You are a proactive facilitator who enjoys connecting the dots between complex technical systems and human workflows. You believe that security governance only works when the user experience is smooth and the data is reliable.

Description of the Area

The Information Security & Privacy By Design team makes Roches information security governance accessible through actionable processes. The capabilities we provide enable Roche to identify assess monitor and mitigate information risks manage regulatory compliance and oversee third-party and personal data processing risks. Our processes are primarily instantiated in the ServiceNow IRM Platform. We work closely with Information Security Privacy Risk & Compliance and IT teams to provide enterprise visibility into Roches information risk posture.

Youll be working within the Information Security Governance (ISG) area. ISG is responsible for defining the strategic agenda for information security and privacy topics at the Roche Group level. This is realized within the global Information Security Management System (ISMS) which aligns business and IT strategies business and technical projects policies standards directives procedures governance legal / regulatory compliance and other requirements at a global level.

The Information Security & Privacy by Design area is accountable for co-developing in collaboration with key stakeholders and stewardship of the strategic direction of the Information Risk Assessment processes based on organizational objectives industry practices and legal / regulatory requirements - e.g IRAAM PETRA OIA. This includes oversight awareness direction and continuous improvement to the end-to-end processes and their relevant risk modules in alignment with the global ISMS corporate directives and Roche management systems (e.g. privacy quality risk).

Job Responsibilities

1. Operational Facilitation & Workflow Orchestration

• IRAAM Fulfillment: Actively chase and monitor the delivery of critical artifacts such as control attestations to ensure the process flow remains uninterrupted.

• SER Triage Management: Facilitate the Security Expert Review (SER) Triage process prioritizing and coordinating the assignment of Information Security & Privacy Advisors (ISPA) to execute reviews.

• Process Lifecycle Oversight: Monitor the end-to-end execution of IRAAM PETRA and OIA processes ensuring milestones are met and bottlenecks are addressed proactively.

2. Request Management & Platform Support

• ServiceNow Orchestration: Manage and maintain the service request management tool and its related artifacts within ServiceNow.

• User Advocacy: Serve as the first point of contact for end-users clarifying process expectations and resolving issues related to IRAAM PETRA and OIA.

• Incident & Triage: Manage incident tickets and provide hands-on support for user issues identifying root causes and coordinating with the Platform Team for technical fixes.

• Knowledge Enablement: Support the Information Security Coordinator (ISC) network providing them with the necessary process awareness and documentation to support their local domains.

3. Monitoring Reporting & Data Maintenance

• Infrastructure Maintenance: Maintain and optimize essential operational tools (e.g. Google Sheets/Apps Script) used for SER Triage ensuring they effectively aggregate data from Snowflake Thoughtspot and ServiceNow.

• Process Health Monitoring: Continuously monitor tool-driven process flows to identify dysfunctions or mis-use by end-users proposing and tracking remediations.

• Compliance Oversight: Track the implementation (Service Request tracking integration logs) of selected controls triggered by SRAs (System Risk Assessment) and report on the global status to leadership.

4. Representation & Partnership

• Stakeholder Interface: Represent the Information Security & Privacy by Design team in process discussions with cross-functional stakeholders and process consumers.

• Bridge to Development: Work in close contact with the IRM Platform Management team to ensure operational issues are translated into platform improvements.

Qualifications

Experience

• Process Operations: 35 years of hands-on experience in Business Process Support or Operations specifically managing technical applications or workflow automations.

• Lifecycle Management: Demonstrated experience in chasing deliverables and managing triage or ticket-based workflows in a global environment.

• Stakeholder Coordination: Proven track record of coordinating with technical teams (developers) and non-technical business users.

• Regulated Industry: Experience working in regulated industries (pharmaceutical biotechnology healthcare or similar) is a plus.

Education

• Bachelors degree in Computer Science Information Systems Engineering or a related technical field.

Technical & Business Skills

• Operational Rigor: A Chef dOrchestre mindsetmeticulous about timing follow-ups and ensuring all parties meet their deadlines.

• Analytical Problem Solving: Ability to leverage data products to create operational reports and find creative solutions to user issues without compromising process integrity.

• Systems Thinking: Ability to understand how a single operational delay impacts downstream security posture across the entire organization.

• Automation & Data: Intermediate proficiency in Low-Code/No-Code environments and Data Visualization tools (e.g. Google Apps Script Snowflake Thoughtspot or Tableau).

• Platform Expertise: Foundational knowledge of ServiceNow GRC/IRM and ITSM modules is a significant advantage.

• Security Foundation: Notions of Information Security principles and data privacy (understanding the why behind risk controls).

Leadership Skills

• Communication: Strong ability to build trust and explain complex technical process requirements to a diverse global audience.

• Coordination & Influence: Ability to drive delivery outcomes across cross-functional teams without direct authority.

• Thriving in Ambiguity: Ability to navigate complexity manage ambiguity and drive clarity in delivery.

• Innovation Mindset: Intellectual curiosity and a passion for applying GenAI/LLMs to improve productivity and automate manual tasks.

Who we are

A healthier future drives us to innovate. Together more than 100000 employees across the globe are dedicated to advance science ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities foster creativity and keep our ambitions high so we can deliver life-changing healthcare solutions that make a global impact.

Lets build a healthier future together.

Roche is an Equal Opportunity Employer.