Cybersecurity Analyst

Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.

The Global Security, Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Cybersecurity Analyst, you will help protect proprietary information, patient data, keep computer systems clean, and provide a safe information environment for our users. All analysts are responsible for monitoring security information, identifying threats, and taking actions to defend all Roche information systems.

This is an On-Site position based in Mississauga (Canada),and part of a round robin on-call schedule to cover weekends.

The Opportunity:

As a Cybersecurity Analyst in the Monitoring and Incident Response team, you will partner with other security experts to proactively identify areas of improvement, design and validate preventative and detective controls, as well as design response strategies within a global enterprise. You will use your knowledge, technical abilities and creativity, to navigate a diverse set of security related logs and telemetry. In addition to hunting, you will work to identify and address visibility and logging deficiencies within the network.

• You triage and investigate reported security incidents.

• Refine incident management processes and response processes.

• You maintain awareness of emerging threats, vulnerabilities, and security trends to proactively identify and address potential risks, impacting all members of the Roche group.

• Address questions of end users related to IT security topics through our communication channels.

Who you are:

• You hold a Bachelor's degree, and have at least five years of work experience in the cybersecurity field. If you have other cybersecurity certifications but do not hold a Bachelor's degree, you must have at least seven years of experience in the field of cybersecurity.

• You have experience driving threat hunting, incident response, or data protection missions and have a solid understanding of the most common security vulnerabilities and attack vectors, as well as their respective mitigation strategies.

• Proficiency with scripting or programming languages such as Python, Powershell/C#, Bash.

• Industry relevant certifications such as BTL1/2, GMON, GCIH, GCFA, GREM, are appreciated but not mandatory.

• You are proficient in clearly articulating technical findings and recommendations to both technical and non-technical stakeholders, and the capability to work independently or as part of a team.

• You have a passion for the field of computer and network security.

Preferred:

• You have experience responding to incidents in cloud environments as well as Network and Endpoint security monitoring experience in a large sophisticated environment.

• Demonstrated ability to analyze, triage, and escalate information security incidents as well as being familiar with various defensive and offensive security tool sets.

• You are comfortable challenging the status quo, to improve the security posture of the Roche group and have the ability to work within security frameworks and methodologies (e.g. ATT&CK, STRIDE).

• Experience with Google Workspace, Microsoft Office 365, Entra ID, Sharepoint Online, PAN XDR, Splunk, BigQuery and threat intel platforms such as MISP, OpenCTI

• You are proficient in English.

Relocation benefits are not available for this posting.

At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

Roche Pharma Canada has its office in Mississauga, Ontario and employs over 850 employees. The Mississauga facility is bright, vibrant, fosters collaboration and teamwork, and is reflective of Roche's truly innovative culture.

As of January 4, 2022, Roche requires all new employees who work in Canada to be fully vaccinated against COVID-19 on the date they take office. This requirement is a condition of employment at Roche that applies regardless of whether the position is on a Roche campus or remotely. If you have a valid reason for not being fully immunized, which is limited to certain specific medical reasons or other valid reasons protected by applicable human rights laws, you may request an exemption and / or adaptation measures regarding this vaccination requirement.