IT GRC Expert - RDT Quality, Risk & Compliance

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

IT GRC Expert - RDT Quality, Risk & Compliance

As an IT GRC (Governance, Risk & Compliance) Expert - RDT (Roche Digital Technology) Quality, Risk & Compliance you design and implement comprehensive IT resilience, risk management, and compliance strategies aligned with business objectives. You lead complex risk assessments, develop refined audit and continuity programs, and establish best practices for handling critical disruptions and regulatory compliance. Acting as an expert advisor to high-level stakeholders, you lead responses to critical incidents and ensure the scalability and future-proofing of enterprise-wide risk and continuity solutions.

The Opportunity:

• You will develop and refine enterprise-wide risk management, compliance, and continuity strategies to enhance our global recovery plans.

• Lead the response to critical IT risk, audit, and continuity events while establishing global best practices for handling disruptions.

• Conduct post-incident reviews and "deep-dives" to identify systemic failures and implement continuous improvement frameworks.

• Manage high-level stakeholder relationships, acting as a strategic advisor to align risk policies with evolving business needs.

• Provide strategic insights based on industry best practices to ensure our compliance frameworks remain world-class.

• Oversee the scalability of IT resilience solutions, integrating complex policies with existing enterprise systems.

• Evaluate and select advanced tools for enterprise management to future-proof our technical resilience landscape.

• Facilitate advanced training sessions for cross-functional teams on BCM best practices and advanced problem-solving techniques.

Who you are: 

• You possess extensive experience in architecting enterprise-wide IT resilience and risk management strategies at a strategic level.

• Expert in Life Sciences regulations, including GxP, SOX, and HIPAA, with a deep understanding of computer systems validation (CSV).

• Highly knowledgeable in IT General Controls (ITGC) and frameworks such as SOC2, ISO 27001, NIS2, and DORA.

• Technically proficient in AWS and Azure environments, specifically regarding shared responsibility models and cloud-native DR orchestration.

• Proven ability to establish governance guardrails for emerging technologies like Generative AI, RPA, and SaaS.

• Skilled in secure SDLC and DevOps stacks (Jira, Jenkins, Bitbucket) with the ability to implement Compliance-as-Code.

• Holder of a Bachelor’s or Master’s degree in IT or Cybersecurity, and at least one active credential: CISA, CRISC, CISM, CISSP, or ISO 22301.

What you get:

• Salary range 19 000 - 35 400PLN gross based on the employment contract.

• Annual bonus payment based on your performance.

• Dedicated training budget (training, certifications, conferences, diversified career paths etc.).

• Recharge Fridays (2 Fridays off per quarter available).

• Take time Program (up to 3 months of leave to use for any purpose).

• Vacation subsidy available.

• Flex Location (possibility to perform our work from different places in the world for a certain period of time).

• Take Time for Charity (additional paid leave of maximum 2 weeks to engage in the charity action of your choice).

• Private healthcare (LuxMed packages), group life insurance (UNUM) and Multisport.

• Stock share purchase additions.

• Yearly sales of company laptops and cars and many more!

Apply directly and join us in shaping the future of healthcare.

If you feel this offer suits a friend of yours, feel free to share it. 

Want to know what it’s like to be a part of Roche IT first-hand?  Check out our blog!  

https://careers.roche.com/global/en/we-are-roche

…..

The controller of your personal data is Roche Polska Sp. z o.o., ul. Domaniewska 28, 02-672 Warsaw. The data is processed for the purpose of recruitment. You have the right to access your data, rectify it, delete it, limit processing, transfer it and - if processing is based on your consent - withdraw this consent at any time. Contact the Data Protection Officer at: Ochrona.danych@roche.com. More information on the principles of processing your personal data by Roche at the link:  

 https://www.roche.pl/pl/content/klauzula-informacyjna-rekrutacja-en.html

Roche Polska sp. z o.o.  operates in full compliance with the law and does not tolerate any violations. Roche  Polska sp. z o.o.  has implemented a Procedure for Reporting Violations of Law. If you wish to report any irregularities related to our activities, all necessary information regarding the reporting process can be found on our website: https://www.roche.pl/kontakt/ochrona-sygnalistow-zglaszanie-naruszen.

Compensation & Benefits

The expected salary range for this position, based on the primary location of Warsaw Grafit is 228,900.00 PLN-425,100.00 PLN. Final compensation will be determined by a number of factors, including your skills, experience, qualifications, and location. In addition to base pay, this role may be eligible for a discretionary annual bonus with a target of 20% subject to both individual and company performance.

This position also offers an attractive benefits package.

Learn more about how we reward our employees at Roche.

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.