DevSecOps Developer

Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.

The Position

Designing, developing, and deploying DevSecOps applications using low & no-code platforms. Collaborating with cross-functional teams to understand requirements and deliver solutions that align with business objectives.

Description:
We are seeking a highly motivated professional with experience in Security and Privacy to join our dynamic team. As a PSPO DevSecOps developer, you will help with UI & dashboard development for
application security posture management, security orchestration and risk assessment

Responsibilities
● Develop web applications & dashboards using some of the well knowns low-code or no-code frameworks such as directus, frappe, django, flask or Google Appsheet

● Develop database models & GraphQL API interfaces for interoperability
● Develop and automate technical workflows for investigations and assessments for cybersecurity vulnerabilities and drive onboarding of new products in Vulnerability Monitoring,and provide training to relevant stakeholders in the organization regarding Vulnerability Handling and Incident Response.
● Develop, maintain and continuously optimize processes, playbooks and tools for Vulnerability Monitoring, Vulnerability Management, Incident Response, Threat Intelligence and Security Testing.

Requirements:
● Minimum 3 years of related work experience in SDLC & cloud ops
● Team player, proactive, self-driven, self-motivated, solution-oriented, hands-on.
● Demonstrated experience in Cloud computing technologies, full stack deployments etc.
● Demonstrated experience in K8S, AWS or GCP, Docker and other cloud native tools
● Demonstrated skills in Python, NodeJS, MySQL, Redis and ElasticSearch
● Ability to develop Terraform, K8S manifests or other forms of infrastructure as code
● Demonstrated experience automating security controls (eg shell scripting, python)
● Experience in managing information security and privacy risks and threat modeling.
● BA/BS in Business, Information Systems, Computer Science or a related relevant area of study is a plus
● Certifications are a plus: SANS GIAC (GCIH, GPEN, GCIA, GCFA and others) , CEH, CISSP, CISA, CISM, LA ISO27001.

Who we are

At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

Roche is an Equal Opportunity Employer.