Bei Roche kannst du ganz du selbst sein und wirst für deine einzigartigen Qualitäten geschätzt. Unsere Kultur fördert persönlichen Ausdruck, offenen Dialog und echte Verbindungen. Hier wirst du für das, was du bist, wertgeschätzt, akzeptiert und respektiert. Dies schafft ein Umfeld, in dem du sowohl persönlich als auch beruflich wachsen kannst. Gemeinsam wollen wir Krankheiten vorbeugen, stoppen und heilen und sicherstellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und in Zukunft. Werde Teil von Roche, wo jede Stimme zählt.
Die Position
Senior Security Engineer
Impact
Our Secure Access team protects the organization’s global workforce by delivering and operating the technologies that enable secure, reliable, and compliant access to corporate resources. We work at the intersection of network security, identity, and cloud — supporting users and business-critical systems in a regulated industry environment.
Do you want to make a meaningful impact as a Security Engineer focused on secure access and network security? Do you thrive in a fast-paced, self-directed environment? If so, we’d love to hear from you!
What You Will Do
As a Security Engineer on the Secure Access team, you will design, implement, and operate the technologies that underpin our organization’s remote access, web security, and network protection capabilities. You will be a hands-on contributor who brings both deep technical expertise and the energy to drive improvements independently.
Purpose
The Secure Access team engineers, delivers, and supports the solutions used to provide secure network access across the corporate environment — spanning on-premises, cloud, and hybrid infrastructure. The team provides hands-on engineering, configuration management, and automation support to keep access controls robust, auditable, and scalable in a regulated industry context.
Key Activities and Deliverables
- Design, implement, and operate Cloudflare-based web security and Zero Trust access solutions.
- Administer and support GlobalProtect VPN infrastructure, including policy management, troubleshooting, and lifecycle operations.
- Build and maintain automation pipelines to reduce manual toil and improve consistency across security configurations.
- Manage infrastructure-as-code using Terraform and maintain version-controlled configurations in GitHub.
- Own configuration management processes in ServiceNow, ensuring accurate CMDB records and change management compliance.
- Ensure security solutions meet regulatory requirements and support audit and compliance activities.
- Proactively identify gaps in access controls and propose improvements with a self-driven, solution-oriented mindset.
- Collaborate with cross-functional partners including network, identity, and cloud teams to deliver integrated secure access capabilities.
- Mentors more junior team members and contributes to the development of security best practices
Job Skills Required
- High energy, self-motivated, and capable of owning work end-to-end with minimal direction.
- Accountability/Problem Solving: Independently leads the analysis of moderately complex cybersecurity incidents and technical problems, clearly defining the security problem scope and driving root cause analysis for security breaches or vulnerabilities
- Identifies a diverse range of security stakeholders across functional areas and effectively manages relationships to build reliance through deep business and technical understanding, acting as a trusted advisor
- Strong customer focus with a highly responsive service delivery and support ethic.
- Collaborative and communicative — comfortable working across distributed, cross-functional teams.
- Detail-oriented with a commitment to quality, documentation, and operational excellence.
- Strong written and verbal English communication skills.
Qualifications and Experience Required
- 5-7 years of hands-on technical experience in security engineering, with a focus on network security and secure access technologies.
- Demonstrated hands-on experience with Cloudflare (e.g., Cloudflare Access, Gateway, WAF, or CDN security features).
- Hands-on experience with Palo Alto GlobalProtect VPN, including deployment, policy management, and troubleshooting.
- Proficiency with Terraform for infrastructure-as-code and GitHub for version control and collaboration.
- Experience using ServiceNow for configuration management (CMDB), change management, and/or incident management.
- Proven experience building automation to support security operations (scripts, workflows, or CI/CD pipelines).
- Prior experience working in a regulated industry (e.g., healthcare, finance, pharma, or government) with an understanding of compliance and audit requirements.
- Strong understanding of network security concepts including Zero Trust, VPN, DNS, firewalls, and web proxies.
Nice to Have
•
Scripting or programming skills: Python, PowerShell, Bash, or similar.
- Familiarity with Agile and DevOps practices; experience with CI/CD tooling (e.g., GitHub Actions, Jenkins, Ansible).
- Experience with AWS, Azure, or GCP cloud security services.
- Exposure to SIEM, EDR, or broader security operations tooling.
- Relevant certifications such as PCNSE, Cloudflare Certified, CCNP Security, or equivalent.
Wer wir sind
Eine gesündere Zukunft treibt uns zur Innovation an. Mehr als 100.000 Mitarbeiter weltweit arbeiten gemeinsam daran, wissenschaftliche Fortschritte zu erzielen und sicherzustellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und für zukünftige Generationen. Durch unser Engagement werden über 26 Millionen Menschen mit unseren Medikamenten behandelt und mehr als 30 Milliarden Tests mit unseren Diagnostik-Produkten durchgeführt. Wir ermutigen uns gegenseitig, neue Möglichkeiten zu erkunden, Kreativität zu fördern und hohe Ziele zu setzen, um lebensverändernde Gesundheitslösungen zu liefern.
Gemeinsam können wir eine gesündere Zukunft gestalten.
Roche ist ein Arbeitgeber, der die Chancengleichheit fördert.
