Cyber Security Engineer -Edge Defense (Cloud)

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

The Opportunity:

As a Senior Cybersecurity Engineer for Cloud & Edge Defense, you will be the primary architect and engineer responsible for the security of our global digital boundaries and multi-cloud ecosystems. Your mission is to secure our "front door" by designing and implementing high-performance traffic inspection solutions across AWS, GCP, and Azure using Palo Alto VM-Series as the central pillar. This is a technical "implementer" role where you will architect, design, build, and operate cloud network security infrastructure.

Your main responsibilities will include:

• Multi-Cloud Infrastructure Design: Design and develop robust cloud network infrastructure across AWS, GCP, and Azure, leveraging Palo Alto instances for deep traffic inspection.

• Advanced Palo Alto Engineering: Execute advanced configuration and management of Palo Alto solutions (VM-Series, Panorama), including complex upgrades and migrations in production.

• Cloud Programming & Automation: Leverage cloud vendor network infrastructures to configure and deploy security solutions via automated pipelines using Terraform and Python.

• Feature Enforcement: Implement and manage App-ID, User-ID, WildFire, Threat Prevention, SSL Decryption, and GlobalProtect to enforce a Zero Trust posture.

• Operational Excellence: Manage security policies as code and improve automation workflows and cross-platform orchestration to eliminate manual friction.

• Technical Subject Matter Expertise: Troubleshoot complex issues related to cloud-native routing, load balancing, and firewall inspection within multi-cloud environments.

Who you are:

• You hold a Bachelor’s degree in Computer Science, Software Engineering, Information Security, or a related technical field.

• You have a proven track record of implementing network security controls in at least two major cloud providers (AWS, Azure, or GCP).

• You possess 3+ years of experience configuring and maintaining Palo Alto Next-Generation Firewalls (NGFW), including TLS inspection, WildFire, and GlobalProtect.

• You have proven experience using Ansible, Terraform, or Python to manage network security infrastructure at scale.

• You have a deep understanding of core protocols (BGP, OSPF, DNS, TLS/SSL) and how they intersect with security enforcement.

Preferred:

• Palo Alto Networks PCNSE, AWS Certified Security, or Azure Security Engineer Associate certifications.

• Proficiency in Infrastructure as Code (IaC) using Terraform and GitHub to maintain version-controlled security configurations.

• Strong scripting skills in Python or Go to build custom API integrations between security platforms.

• Experience working in highly regulated environments such as Pharmaceuticals, Healthcare, or Finance.

• A self-starter with the ability to manage technical workstreams from concept to production with minimal supervision.

Relocation benefits are not available for this posting

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.