Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.
A healthier future. It’s what drives us to innovate. To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love. That’s what makes us Roche.
The Cybersecurity - Vulnerability Management Team is part of Roche Global Information Security. Our mission is to safeguard Roche systems and information by prioritizing the resolution of identified IT security risks. We assess the urgency of deploying security updates for infrastructure components through risk ratings and maintain constant vigilance over Roche IT assets for known vulnerabilities.
Our team is dedicated to developing and implementing robust security controls, defenses, and countermeasures to prevent both internal and external attacks on company email, data, e-commerce, and web-based systems. As part of our commitment to staying ahead, our Vulnerability Management Team actively monitors specialized sources for emerging vulnerabilities or weaknesses that could potentially impact Roche.
We are seeking a skilled and experienced Cybersecurity Analyst with expertise in vulnerability management and web application security assessments to join our cybersecurity team. In this role, you will be responsible for keeping our networks and users safe from constantly evolving threats. As a Vulnerability Management Security Analyst, you will help protect proprietary information, patient data, keep computer systems and web applications secure, and provide a safe information environment for our users.
The Opportunity
You are assessing company web applications using automated and manual tools
You are evaluating and prioritizing security issues submitted via a bug-bounty program
You are using enterprise vulnerability management tools to identify high-risk systems
You are communicating risk and collaborating with system owners and other teams to address security vulnerabilities
You are enhancing response capabilities for security vulnerabilities and incidents through tool building, scripting, and training
You are actively involved in security monitoring for a global environment
Who you are
You hold a Bachelor's degree (Information Technology and Information Security preferred) and you have + 5 years of experience in the information security field
You demonstrate expertise in web application, network, and computer security, using Vulnerability Scanning tools (Tenable preferred), SIEM, Splunk SPL, and experience with scripting/automation
You have experience in attack surface management and a proven ability to analyze, triage, and escalate security vulnerabilities
You possess familiarity with various defensive and offensive security tool sets
Preferred
You have experience with cloud platforms and understand security and controls
You hold certifications such as OSCP or similar
You have programming experience in scripting languages such as Python or PowerShell, and familiarity with JavaScript and mobile security
You have experience with ServiceNow tool
You have the ability to effectively communicate information security-related risks, concepts, and situations to a non-technical audience
You have experience working in a large, global, and complex environment
Relocation benefits are not offered for this position
Who we are
At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche Pharma Canada has its office in Mississauga, Ontario and employs over 850 employees. The Mississauga facility is bright, vibrant, fosters collaboration and teamwork, and is reflective of Roche's truly innovative culture.
Roche is an Equal Opportunity Employer.
Seniority level
Associate
Employment type
Full-time
Job function
Information Technology
Industries
Pharmaceutical Manufacturing, Biotechnology Research, and Medical Equipment Manufacturing
Referrals increase your chances of interviewing at Roche by 2x
