Bei Roche kannst du ganz du selbst sein und wirst für deine einzigartigen Qualitäten geschätzt. Unsere Kultur fördert persönlichen Ausdruck, offenen Dialog und echte Verbindungen. Hier wirst du für das, was du bist, wertgeschätzt, akzeptiert und respektiert. Dies schafft ein Umfeld, in dem du sowohl persönlich als auch beruflich wachsen kannst. Gemeinsam wollen wir Krankheiten vorbeugen, stoppen und heilen und sicherstellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und in Zukunft. Werde Teil von Roche, wo jede Stimme zählt.
Die Position
At the heart of our digital security is the trust we build through seamless, secure, and authenticated access. As a Junior Web Access Management Engineer, you will join our Identity and Access Management (IAM) team to help manage and secure our web application access controls and identity federation systems. You’ll be instrumental in ensuring that our Single Sign-On (SSO) integrations, Multi-Factor Authentication (MFA) policies, and API gateway access run without a hitch. This is a growth-oriented role where you will learn to navigate complex application security infrastructures while contributing to the automation and optimization of secure access workflows.
Job Responsibilities
Scope
- Support the day-to-day administration of enterprise IAM and Web Access Control (WAC) platforms (such as Okta, Microsoft Entra ID, Ping Identity, or Auth0), including basic policy management and standard troubleshooting.
- Assist in integrating applications with central Identity Providers (IdPs) using standard authentication and authorization protocols, including SAML, OAuth 2.0, and OpenID Connect (OIDC).
- Support the deployment, monitoring, and validation of Multi-Factor Authentication (MFA) mechanisms, including TOTP, security keys (FIDO2/WebAuthn), and passwordless authentication methods.
- Participate in the automation of routine access management tasks, user provisioning policies (such as JIT or basic SCIM setups), and configuration management using Version Control systems and scripting (PowerShell, Bash, or Python).
- Collaborate with senior engineers to troubleshoot session management anomalies, token validation (JWT) issues, and secure communications across web server and API gateway environments.
Impact/Strategy
- Collaborate in the automation of routine application access configuration and user lifecycle tasks using basic scripting (PowerShell, Python, or Bash) and maintain scripts using version control systems.
- Assist in maintaining team internal wikis, standard operating procedures (SOPs), and runbooks for application integrations and access management lifecycles.
- Collaborate with senior engineers to route, distribute, and validate authentication tokens, access policies, and application gateways across diverse staging and production environments.
Complexity
- Focuses primarily on executing defined procedures, troubleshooting authentication and access issues, and engage to senior team members for complex IAM anomalies .
- Contributes to team agility by identifying operational inefficiencies (such as manual provisioning friction) and proposing minor process improvements within immediate daily tasks.
- Demonstrates growing autonomy within the specific domain by translating daily integration requirements into structured tasks under direct supervision.
Business/Technical Ability
- Possesses a working knowledge of the Identity and Access Management (IAM) domain and supporting web access technologies.
- Understands sources of influence, comprehending internal and external factors (such as compliance, user friction, and security threats) affecting the secure web access space, and is capable of identifying and analyzing basic access management problems or opportunities holistically.
Qualifications
Education / Experience
- Experience: 1–2 years of experience in an IT Helpdesk, Systems Administration, junior Web Development, or junior Security Operations (SOC) role. An internship focused on web development, infrastructure, or Identity and Access Management (IAM) is highly valued.
- Education: Bachelor’s Degree in Computer Science, Software Engineering, Cyber Security, or equivalent practical experience.
- Working knowledge of relevant business domains and supporting cybersecurity/web technologies.
- Demonstrated ability to independently handle defined tasks and contribute to various stages of the security and application analysis lifecycle.
Technical Skills
- Understanding of Zero Trust principles, authentication factors, and modern identity workflows.
- A solid understanding of web authentication and authorization protocols (SAML, OAuth 2.0, OIDC) and secure communication basics (HTTP/HTTPS, RESTful APIs, session tokens, and JWTs).
- Exposure to modern web development languages and frameworks (e.g., JavaScript/TypeScript, React, Angular, Node.js, Python, or Go) to assist with frontend authentication integrations.
- Working knowledge of user directory services (Active Directory, LDAP) and standard provisioning methods (SCIM, Just-In-Time provisioning).
- Familiarity with Git for version control and basic exposure to scripting (PowerShell, Bash, or Python) for automating repetitive administration tasks.
- Communication skills to collaborate effectively within Agile/cross-functional teams, with a structured approach to problem-solving.
- Eagerness to learn and a desire to work toward foundational certifications like CompTIA Security+, Microsoft SC-300 (Identity and Access Administrator), or PingID Certified Professional.
Additional Qualifications
- A mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies in access workflows.
- Strong analytical and logical reasoning skills to identify authentication discrepancies, challenge assumptions, and confidently present solutions.
Wer wir sind
Eine gesündere Zukunft treibt uns zur Innovation an. Mehr als 100.000 Mitarbeiter weltweit arbeiten gemeinsam daran, wissenschaftliche Fortschritte zu erzielen und sicherzustellen, dass jeder Zugang zur Gesundheitsversorgung hat – heute und für zukünftige Generationen. Durch unser Engagement werden über 26 Millionen Menschen mit unseren Medikamenten behandelt und mehr als 30 Milliarden Tests mit unseren Diagnostik-Produkten durchgeführt. Wir ermutigen uns gegenseitig, neue Möglichkeiten zu erkunden, Kreativität zu fördern und hohe Ziele zu setzen, um lebensverändernde Gesundheitslösungen zu liefern.
Gemeinsam können wir eine gesündere Zukunft gestalten.
Roche ist ein Arbeitgeber, der die Chancengleichheit fördert.