Cybersecurity Analyst

Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.

The Global Security, Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. All analysts are responsible for monitoring security information, identifying threats, and taking actions to defend all Roche information systems.

This is an On-Site position based in Madrid, Spain, and part of a round robin on-call schedule to cover weekends, with recuperation.

The Opportunity:

As a Cybersecurity Analyst in the Monitoring and Incident Response team, you will partner with other security experts to proactively identify areas of improvement, design and validate preventative and detective controls, as well as design response strategies within a global enterprise. You will leverage your knowledge, technical abilities and creativity, to navigate a diverse set of security related logs and telemetry. In addition to hunting, you will work to identify and address visibility and logging deficiencies within the network.

• You triage and investigate reported security incidents.
• Refine incident management processes and response processes.
• You maintain awareness of emerging threats, vulnerabilities, and security trends to proactively identify and address potential risks, impacting all members of the Roche group.
• Address questions of end users related to IT security topics through our communication channels.

Who you are:

• You hold a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or at least four years of equivalent work experience in the information security field.
• You have experience driving threat hunting, incident response, or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors, as well as their respective mitigation strategies.
• Proficiency with scripting or programming languages such as Python, Powershell/C#, Bash.
• Industry relevant certifications such as BTL1/2, GMON, GCIH, GCFA, GREM, are appreciated but not mandatory.
• You are proficient in clearly articulating technical findings and recommendations to both technical and non-technical stakeholders, and the capability to work independently or as part of a team.
• You have a passion for the field of computer and network security.

Preferred:

• You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment.
• Demonstrated ability to analyze, triage, and escalate information security incidents as well as being familiar with various defensive and offensive security tool sets.
• You are comfortable challenging the status quo, to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK, STRIDE).
• Experience with Google Workspace, Microsoft Office 365, Entra ID, Sharepoint Online, PAN XDR, Splunk, BigQuery and threat intel platforms such as MISP, OpenCTI.
• You are proficient in English, German is a plus as well as experience working with a global team and organization.

Relocation benefits are not available for this posting.

At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

Roche is an Equal Opportunity Employer.