Senior Cloud Security Engineer

At Roche you can show up as yourself embraced for the unique qualities you bring. Our culture encourages personal expression open dialogue and genuine connections where you are valued accepted and respected for who you are allowing you to thrive both personally and professionally. This is how we aim to prevent stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche where every voice matters.

The Position

We are a high-performing cybersecurity team tasked with protecting the organizations computing environments. While our historical stronghold has been managing enterprise Endpoint Detection and Response (EDR) Application Control and Secure Data Erasure we are now expanding our focus to secure our dynamic cloud-native environments.
We are looking for a Cloud Security Engineer specializing in Cloud Workload Protection. You will be responsible for securing IaaS PaaS containers and serverless architectures. Working alongside your senior endpoint security colleagues you will bridge the gap between traditional endpoint defense and modern cloud infrastructure ensuring our threat detection and application governance standards are seamlessly extended to the cloud.

Job Responsibilities

• Cloud Workload Protection (CWPP): Architect deploy and manage Cloud Workload Protection Platforms (e.g. Prisma Cloud Microsoft Defender for Cloud Wiz or Aqua) across our multi-cloud environment (AWS Azure and/or GCP).

• Container & Kubernetes Security: Implement runtime defense vulnerability scanning and configuration hardening for containerized applications and orchestration platforms (EKS AKS GKE).

• Extending Core Services to the Cloud: Adapt our existing strategies for EDR and Application Control to function effectively in ephemeral cloud-native workloads without degrading performance.

• DevSecOps Integration: Embed security controls directly into CI/CD pipelines (Shift-Left) ensuring images registries and Infrastructure as Code (IaC) templates are scanned and secured before deployment.

• Automated Remediation: Develop automated response playbooks for cloud misconfigurations and workload alerts using serverless functions and native cloud APIs.

Qualifications
Education / Experience / Technical Skills

• Bachelors degree in Computer Science Software Engineering Cybersecurity or equivalent practical experience.

• 3 years of dedicated experience securing public cloud workloads with a strong understanding of the shared responsibility model.

• Deep technical knowledge of Docker Kubernetes and container orchestration. You should know how to secure a pod restrict container privileges and manage network policies.

• Proven hands-on experience deploying and tuning commercial or open-source cloud security platforms (CWPP / CNAPP).

• Strong grasp of cloud-native networking (VPCs Security Groups) and Identity and Access Management (least-privilege roles service accounts).

• Proficiency in written and spoken English (C1 or above level).

Additional Qualifications

• Bridge Builder: Ability to collaborate closely with DevOps and Cloud Engineering teams acting as an enabler rather than a roadblock.

• Strategic Thinker: Capacity to look at our existing on-premise security policies and intelligently adapt them for ephemeral cloud environments.

• Adaptable: Comfortable working in a highly dynamic cybersecurity environment where priorities can shift based on emerging needs.

• Team Player: Ability to collaborate effectively with internal and external team mates and stakeholders.

• Mentorship: Willingness to cross-train our existing senior endpoint engineers on cloud-native security concepts while learning from their deep endpoint telemetry expertise.

Compensation & Benefits

This position also offers an attractive benefits package.

Learn more about how we reward our employees at Roche.

Who we are

A healthier future drives us to innovate. Together more than 100000 employees across the globe are dedicated to advance science ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities foster creativity and keep our ambitions high so we can deliver life-changing healthcare solutions that make a global impact.

Lets build a healthier future together.