• Job Description

  Req#: 202307-117180

  The Position

  Title: Senior DevSecOps Engineer for connectivity - Digital Products & Enablement

  
  

  Who we are

  Roche’s expanding digital product portfolio demonstrates its commitment to provide healthcare professionals, laboratories, and patients with digital and digitally-enabled solutions that transform patient care. The existing product portfolio includes decision support systems, data management solutions, and workflow solutions. At the center of these diverse types of solutions is always patient data security and privacy as the highest priority for Roche.

  In this context, Roche has built a global team that builds, secures, and operates infrastructure platforms (cloud and on-prem) for its digital products. This team is working with a high freedom to operate in a self-organized setup and is responsible for tackling the cybersecurity, compliance, and infrastructure challenges of the healthcare industry while enabling high-velocity product development.

  The Position

  In the position of Senior DevSecOps Engineer you will join the Diagnostic Product IT Center of Enablement team and will be part of the Connectivity product team.

  As an engineer with good experience in monitoring and improving DevSecOps tools and processes, you will automate routine tasks and improve reliability and governance of various cloud and edge systems focusing on their networking needs..

  You will also play a critical role in providing technical support for day-to-day security operations, security tool integration, automation support, change management and business continuity programs.

  As the Senior DevSecOps Engineer for connectivity, you will:

  • Evaluate, select, design and configure security infrastructure systems in a global environment.

  • Identify, integrate, monitor and improve infosec controls by understanding business processes.

  • Assist with complex projects and automation of day to day security operations to improve SLA

  • Automate Incident response process using open source or industry standard tools and frameworks

  • Roll-out of new cross-cutting technologies - container clusters and service mesh, secrets management, monitoring and logging solutions.

  • Spend time with security ensuring that their needs are built into automated guardrails for developer resources

  • Own and ensure that internal and external SLA’s meet and exceed expectations, Security Engineering centric KPIs are continuously monitored and improved.

  • Participate in on-call rotation to provide infrastructure support, incident management, and troubleshooting.

  Ideally this position will be located in Pune (India). Other possible locations could be Madrid, Sant Cugat (Spain), or Mississauga (Canada).

  Who you are

  You’re looking for a challenge where you have the opportunity to pursue your interests across functions and geographies. Where your passion for technology, delivery, reliability, and operational excellence will impact the lives of patients fighting cancer and many other disease areas in the future.

  You have a University degree in computer science, engineering, or other related fields, or equivalent experience. You bring experience working in a multicultural environment and proven cultural awareness.

  You have extensive experience with automation in CI/CD tools, methods and processes, including development of multi-environment pipelines (e.g., GitHub, GitLab), network design (IPv4 and IPv6, VLANs, BYOIP, Fortinet technologies, Cloudflare…) , Cloud technologies (focusing on AWS and Alicloud), and Containerization/Orchestration (Terraform, Vault…), including Docker & Kubernetes.

  And you have a strong understanding of key security concepts like WAF, Application security, network security, Events Analysis, GraphQL and Identity access management.

  Job-related Experience

  • 3+ years related technical experience in Product Security Architecture or Engineering

  • 5+ years of related work experience in cloud platforms: AWS (preferred)/Azure/GCP/Alicloud

  • 3+ years experience in industry standard tools like Cloudflare, Splunk, ThousandEyes

  • Design, implement, support and evaluate security-focused tools, vulnerability management tools and services.

  • Conduct periodic Vulnerability assessment. Participate in incident handling and other related duties to support the information security function.

  • Demonstrated experience in one or more programming languages (preferably Go or Python)

  Furthermore, you bring:

  • Very good interpersonal skills, a team player attitude and mindset, and you like bringing others up to speed on technology

  • Demonstrated ability to adapt to new technologies and learn quickly

  • Effective at engaging with teams in various functions and across different levels

  • Strong organizational skills and ability to prioritize and manage multiple projects simultaneously

  • You have experience with automation for infrastructure deploy/manage - terraform, cloudformation, resource manager or similar

  • Healthcare software experience preferred

  • Experience with clinical workflow solutions or in a clinical environment is a plus.

  • Ideally contributions to Opensource projects related to these fields

  Roche embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.

  If you still have questions then please check our FAQs and videos on careers.roche.ch/faq.

  Who we are

  At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

  Roche is an Equal Opportunity Employer.

• About the company

  606018 F. Hoffmann-La Roche AG is a Swiss multinational healthcare company that operates worldwide under two divisions: Pharmaceuticals and Diagnostics.

Notice