Bei Roche kannst du ganz du selbst sein und wirst für deine einzigartigen Qualitäten geschätzt. Unsere Kultur fördert persönlichen Ausdruck, offenen Dialog und echte Verbindungen. Hier wirst du für das, was du bist, wertgeschätzt, akzeptiert und respektiert. Dies schafft ein Umfeld, in dem du sowohl persönlich als auch beruflich wachsen kannst. Gemeinsam wollen wir Krankheiten vorbeugen, stoppen und heilen und sicherstellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und in Zukunft. Werde Teil von Roche, wo jede Stimme zählt.
Die Position
At the heart of our digital security is the trust we build through encrypted communication. As aPKI Engineer, you will join our Identity and Access Management (IAM) team to help manage the core certificate infrastructure. You’ll be instrumental in ensuring that our digital certificates are issued, tracked, and renewed without a hitch. This is a growth-oriented role where you will learn to navigate complex security infrastructures while contributing to the automation of high-volume security tasks.
Job Responsibilities
Scope
- Support the day-to-day administration of Microsoft Active Directory Certificate Services (AD CS), including basic template management and standard troubleshooting.
- Use Keyfactor Command to monitor certificate health, identify expiring assets, and assist in bringing untracked certificates into compliance.
- Support the deployment of ACME clients (like Certbot) for automated certificate issuance across web server environments.
- Participate in the automation of routine certificate tasks using Version Control systems and scripting as required (PowerShell or Python).
- Collaborate with senior engineers to orchestrate certificate distribution to load balancers, firewalls, and application servers.
Impact/Strategy
- Collaborate in the automation of routine certificate tasks using basic scripting (PowerShell or Python) and maintain scripts using version control systems.
- Assist in maintaining team internal wikis, standard operating procedures, and runbooks for certificate lifecycle management.
- Collaborate with senior engineers to route, distribute, and install certificates to load balancers, firewalls, and application servers.
Complexity
- Focuses primarily on executing defined procedures, troubleshooting routine issues, and escalating complex anomalies to senior team members.
- Contributes to team agility by identifying operational inefficiencies and proposing minor process improvements within immediate daily tasks.
- Demonstrates growing autonomy within the specific domain by translating daily requirements into structured tasks under direct supervision.
Business/Technical ability
- Possesses a working knowledge of the relevant business domain and supporting technologies
- Understands sources of influence, comprehending internal and external factors affecting the problem space, and is capable of identifying and analyzing basic business problems or opportunities holistically
Qualifications
Education / Experience
- Experience: 1–2 years of experience in an IT Helpdesk, Systems Administration, or junior Security Operations (SOC) role. An internship focused on infrastructure or security is highly valued.
- Education: Bachelor’s Degree in Computer Science, Cyber Security, or equivalent practical experience.
- Working knowledge of relevant business domains and supporting cybersecurity technologies
- Demonstrated ability to independently handle defined tasks and contribute to various stages of the security and business analysis lifecycle
Technical Skills
- Understanding of Zero Trust principles, authentication factors and cryptography.
- A solid understanding of cryptography basics (Symmetric vs. Asymmetric, Hashing, Digital Signatures).
- Experience with Windows Server and Active Directory. Exposure to web servers like IIS, Apache, or Nginx. Comfortable using Git for basic file management and collaboration.
- Knowledge of the ACME protocol or experience using tools like Certbot.
- Familiarity with PowerShell or Python for automating repetitive tasks.
- Familiarity with Git for version control and basic exposure to scripting (PowerShell, Bash, or Python) for automating repetitive tasks.
- Communication skills to collaborate effectively within Agile/cross-functional teams, with a structured approach to problem-solving.
- Eagerness to learn and a desire to work toward foundational certifications like CompTIA Security+ or Microsoft SC-300.
Additional Qualifications
- A mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies
- Strong analytical and logical reasoning skills to identify discrepancies, challenge assumptions, and confidently present solutions
Wer wir sind
Eine gesündere Zukunft treibt uns zur Innovation an. Mehr als 100.000 Mitarbeiter weltweit arbeiten gemeinsam daran, wissenschaftliche Fortschritte zu erzielen und sicherzustellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und für zukünftige Generationen. Durch unser Engagement werden über 26 Millionen Menschen mit unseren Medikamenten behandelt und mehr als 30 Milliarden Tests mit unseren Diagnostik-Produkten durchgeführt. Wir ermutigen uns gegenseitig, neue Möglichkeiten zu erkunden, Kreativität zu fördern und hohe Ziele zu setzen, um lebensverändernde Gesundheitslösungen zu liefern.
Gemeinsam können wir eine gesündere Zukunft gestalten.
Roche ist ein Arbeitgeber, der die Chancengleichheit fördert.
