Roche

We're looking for a skilled Cybersecurity Engineer for Edge Defense (Cloud) who will architect and operate secure network infrastructures across multi-cloud environments and serve as a key technical authority in defending enterprise digital boundaries.

🎯 Responsibilities

• Design and develop robust cloud network infrastructures across AWS, GCP, and Azure, leveraging Palo Alto instances for deep traffic inspection
• Create detailed network diagrams, design documents, and implementation blueprints for new cloud-native and hybrid security architectures
• Collaborate with network and cloud architects to seamlessly integrate firewall solutions into the global network
• Configure and manage advanced Palo Alto solutions (VM-Series, Panorama), including production upgrades and migrations
• Deploy and manage security solutions in multi-cloud environments via automated pipelines
• Implement and manage security features such as App-ID, User-ID, WildFire, Threat Prevention, SSL Decryption, and GlobalProtect to enforce Zero Trust
• Troubleshoot complex network and security issues across cloud-native routing, load balancing, and firewall inspection
• Manage security policies as code and drive automation workflows to reduce manual work and maintain consistent, high-speed security enforcement
• Keep up with emerging threats, cloud vulnerabilities, and new technologies to continuously strengthen defense-in-depth strategies
• Participate in on-call rotations to ensure continuous availability and integrity of global edge security services

🛠️ Requirements

• Bachelor’s degree in Computer Science, Software Engineering, Information Security, or a related field
• Proven experience implementing network security controls in at least two major cloud providers (AWS, Azure, or GCP)
• At least 3 years of experience designing, deploying, and supporting Next-Generation Firewalls (NGFW) with a solid networking background
• Hands-on experience configuring and maintaining Palo Alto NGFWs, including TLS inspection, user identification, WildFire, Threat Prevention, URL Filtering, and GlobalProtect
• Experience using Ansible, Terraform, or Python to manage network security infrastructure at scale
• Experience managing security controls in complex, global environments involving diverse device profiles (IoT, Medical, Corporate)
• Experience working in highly regulated industries (such as Pharmaceuticals, Healthcare, or Finance) is a significant plus
• Expert knowledge of Palo Alto and/or Fortinet platforms, including advanced threat prevention and high-availability design
• Proficient with configuring cloud-specific network components (VPCs, VNETs, Transit Gateways, Load Balancers) across AWS, Azure, and GCP
• Strong foundation in core protocols (BGP, OSPF, DNS, TLS/SSL) and their role in security enforcement
• Solid understanding of security concepts, trends, and best practices, with experience in validated (GxP) environments

➕ Nice to have

• Palo Alto Networks PCNSE, AWS Certified Security, or Azure Security Engineer Associate certification
• CISSP or similar cybersecurity certification
• Proficiency in Terraform and GitHub for version-controlled, reproducible security configurations
• Strong skills in Python or Go for custom API integration and internal orchestration tools

💡 Leadership and Collaboration

• Strong ability to build trust with network/infrastructure experts and explain complex security concepts to non-technical stakeholders
• Passionate about researching network security trends and automation techniques
• Ability to navigate global complexity and translate high-level requirements into functional network policies
• Demonstrated self-starter, able to own technical workstreams from concept to production independently
• Experience mentoring less-experienced colleagues and guiding cybersecurity best practices
• Excellent facilitation, communication, and conflict resolution skills to align multiple product squads and stakeholder networks
• Demonstrated interpersonal and collaborative skills, with a commitment to operational excellence

We're looking for a Migration & Integration Expert with strong AWS experience to lead complex cloud migration projects, integrate new entities and legacy infrastructures into modern AWS environments, and support the continuous evolution of enterprise cloud platforms.

🎯 Responsibilities

1. Lead technical migrations of high-stakes AWS accounts, ensuring seamless integration of newly acquired entities and legacy systems into the AWS platform.
2. Establish and guide the technical direction throughout the full lifecycle of platforms and services, from inception and design to deployment, operation, and retirement.
3. Apply software engineering principles to build, scale, and manage large-scale IT infrastructure products and services, providing self-service tools and APIs for developers.
4. Design and develop complex CI/CD pipelines and self-healing features, and lead disaster recovery design and execution plans.
5. Proactively solve complex problems and lead maintenance of live services by designing metrics for system health, availability, and performance.
6. Plan infrastructure capacity, scalability, and performance; lead major optimization initiatives across inter-related platforms.
7. Work closely with development teams, Managed Services suppliers, and vendors to improve application development velocity and optimize service reliability.
8. Transform developer and customer needs into actionable requirements and provide clear technical guidance and priorities.
9. Ensure compliance with quality, regulatory, and security standards; lead audits and implement best practices for cost, compliance, and security.
10. Drive innovation and sustainability in cloud systems, managing ITSM processes and applying design thinking, lean and agile methodologies.
11. Mentor and guide geo-distributed, cross-functional teams, fostering knowledge sharing and continuous improvement.

🛠️ Requirements

1. Extensive experience designing and implementing cloud-based solutions.
2. Proven track record of solving complex, high-impact problems using automation, architecture, and cloud-native patterns.
3. Strong experience mentoring engineers and fostering a culture of knowledge sharing and continuous improvement.
4. Demonstrated ability to collaborate with diverse, cross-functional, and international teams.
5. Expertise in building and managing large, multi-tenant AWS platforms (account provisioning, landing zone deployment, customizations, functional exposure).
6. Deep expertise with Terraform and AWS CDK, including building reusable modules and components for operational consistency.
7. In-depth knowledge of AWS cloud components: IAM, Networking (VPC subnetting, TGW, DX, Route53), Landing Zone development, security guardrails, and platform security features.
8. Advanced skills in Infrastructure as Code (IaC) with Terraform or CDK, including development, testing, and deployment.
9. Experience building platforms with a focus on developer experience, self-service APIs, and automated onboarding workflows.
10. Strong knowledge of Gitlab/Github, software development lifecycle (SDLC), and CI/CD best practices.
11. Proficiency in scripting languages such as Python or Bash, and using testing frameworks like Pytest.
12. Familiarity with Agile methodologies (such as SAFe), principles, and tools.
13. Experience integrating and operationalizing AI agents or LLM-based tools to enhance DevOps workflows, automated documentation, or incident analysis.
14. Ability to design and build cloud solutions in alignment with the AWS Well Architected Framework (operational excellence, security, reliability, performance efficiency, cost optimization, sustainability).
15. Strong incident response skills, including ITSM process management and conducting effective postmortems.

We're looking for a Technical Product Owner – Application Observability to lead the development, delivery, and support of global observability product capabilities and drive the shift from reactive to proactive engineering.

🎯 Responsibilities

1. Own the end-to-end development, delivery, and lifecycle management of Application Observability capabilities.
2. Lead Agile ceremonies, manage product backlogs, and optimize DevOps infrastructure processes for continual delivery improvements.
3. Build strong cross-functional partnerships with senior management, global teams, and external vendors.
4. Support study designs and infrastructure setup by implementing scalable, secure, and cost-effective observability frameworks.
5. Ensure software delivery and IT Service Management (ITSM) solutions meet quality, security, and regulatory standards; lead audit preparation and business continuity plans.
6. Mentor geo-distributed, virtual teams, fostering knowledge sharing and operational excellence.

🛠️ Requirements

1. 7+ years of experience in technical delivery, software development, product/service management, or infrastructure engineering.
2. 2+ years of experience in biotechnology, pharmaceuticals, or regulated healthcare technology environments.
3. Deep knowledge of observability domain, including familiarity with market-leading observability offerings and architectures; hands-on expertise with platforms like Grafana Cloud and Datadog is highly appreciated.
4. Proven experience managing requirements using tools such as Jira and Confluence.
5. Demonstrated ability to mentor and influence geo-distributed teams.
6. Strong skills in strategic problem solving, transforming complex needs into actionable requirements, managing ITSM processes, and applying innovative DevOps solutions.

We're looking for a skilled Data Engineer – Security Insights and Automation to lead, design, develop, and maintain scalable and robust data pipelines and infrastructure. This role focuses on building ETL/ELT processes, optimizing data storage solutions, ensuring data quality and system monitoring, with a strong collaboration alongside data scientists and analysts. You will implement decentralized Data Products following Data Mesh principles, leveraging expertise in Python, SQL, and big data technologies.

🎯 Responsibilities

1. Design, build, and maintain scalable end-to-end data pipelines using Talend, dbt, and Python.
2. Develop and optimize data architectures aligned with Data Mesh standards, ensuring scalability and security.
3. Transform raw security telemetry and vulnerability data into high-quality feature sets for predictive modeling, anomaly detection, and automated risk scoring.
4. Collaborate with business units and data scientists to fully understand and fulfill diverse data needs.
5. Communicate effectively with both technical and non-technical stakeholders.
6. Optimize and support data structures and schemas for executive dashboards and self-service analytics in Tableau and ThoughtSpot.
7. Solve complex data ingestion challenges and lead Snowflake optimizations and schema design for large-scale data initiatives.
8. Implement strategies and integrate diverse infrastructures for seamless organizational data flow.

🛠️ Requirements

1. Demonstrated experience handling large-scale data engineering projects and managing complex systems.
2. Proven expertise in independently building ETL/ELT processes and optimizing data warehouses and data lakes.
3. Experience ensuring data quality, reliability, and effective system monitoring.
4. Advanced skills in SQL and Snowflake, including data structure design, schema development, and performance optimization.
5. Expert-level programming skills in Python or Scala for data engineering tasks.
6. Hands-on experience with dbt for data transformation and Talend for data integration.
7. Solid understanding of Data Mesh principles and experience supporting AI/ML initiatives (feature engineering).
8. Technical ability to support visualizations using Tableau and ThoughtSpot.
9. Expertise in consuming and exposing APIs to integrate security insights across systems.
10. Strong communication and collaboration skills with technical and non-technical audiences.