At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

Join us as a Product Cybersecurity Expert in Sant Cugat, Barcelona!

Data security and privacy are key success factors in our digital transformation and essential to reach our ambitions. At Roche, we empower our team members with cutting-edge resources and a collaborative environment that drives innovation and excellence. As a Product Cybersecurity Expert, you have the opportunity to contribute to the overall Roche Diagnostics vision by applying end-to-end Division-wide product security and privacy operations to keep our products and services secure and privacy compliant throughout the entire lifecycle.

What sets Roche apart is our commitment to professional development, well-being, and a dynamic work-life balance. Our Employee Value Proposition (EVP) includes comprehensive benefits, continuous learning opportunities, and a culture that values diversity and inclusion. You believe in the potential of science, technology, data, and insights to improve the standard of care for humankind and you are eager to navigate through unchartered territory to lift this potential. Join a company where your expertise will be recognized, and your contributions will make a direct impact on global health and patient outcomes.

Key Challenges

Defining security and privacy requirements for Roche products, medical devices or health/clinical solutions both in the cloud and on-premises during all product software development lifecycle.

Contributing to the development and support implementation of security and privacy risk management framework across the product lifecycle.

Supporting in the definition, implementation and maintenance of product security and privacy control measures for a product or platform, considering changes in technology, regulations and customer needs. 

Managing vulnerabilities at all technology layers during pre and post market activities of the product or platform, making sure they are fixed in a timely manner.

Assess the risks of vulnerabilities detected in security testing activities (SCA, SAST, DAST, IAC, Pentest, etc.) for a given product and support on the remediation activities.

Conducting planning and coordination of external security testing activities (verification & validation) and remediation plans (e.g. pentest). 

Supporting security incident response and forensic activities working directly with the Roche Intelligence and Defense teams.

Conduct Threat Modelling and Cybersecurity Risk Management Assessments for products to assess patient safety, customer property damage, business risk, etc.

Support security and privacy related documentation with high quality for internal and external compliance. Develops, maintains and continuously optimizes processes, playbooks and tools. 

Who you are as our ideal candidate:

BA/BS in Engineering, Computer Science or relevant area of study required.

Security industry certifications such as CISSP, SANS GIAC (GCIH, GPEN, GCIA, GCFA, etc.),  CSSP, CISA, etc.

Minimum of 7+ years of related work experience in security engineering, security operations, vulnerability management or application security.

Demonstrated experience working with product software development and cloud platform teams, preferably in international companies in the healthcare or regulated industries.

In-depth experience in analyzing product security posture, threat and risk landscape, performing threat modeling and defining adequate security and data privacy controls to mitigate risks.

Excellent interpersonal skills with high cross-cultural sensitivity; ability to collaborate and communicate across multiple international teams; commitment to working as a team player across Business Areas and Divisions.

Note that we are seeking a candidate who is based in Barcelona and is available to work from the office 2-3 days per week.

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.