
Information Security Governance Expert

Roche · Pharmaceuticals and Diagnostics


Posted: 18 days

01

About the role

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

As an Expert within the Information Security & Privacy Advisory (ISPA) team, you move beyond "checking boxes" to become a strategic partner for global Engineering hubs. You will lead high-impact security and privacy risk assessments, ensuring Roche’s most ambitious digital projects—from GenAI to cloud-native platforms—are resilient, "Secure by Design," and compliant with global regulations.

The Team
The Information Security & Privacy Advisory (ISPA) team serves as the strategic bridge between IT, business, and legal functions at Roche. Our mission is to ensure that Roche’s digital landscape—from cutting-edge GenAI platforms to global enterprise solutions—is secure by design and compliant with international standards. We act as a global center of excellence that translates complex regulatory requirements into actionable security architecture, providing the expert guidance necessary to navigate a rapidly evolving global risk landscape.

Key Responsibilities

  • High-Risk Advisory: Lead Security Expert Reviews (SER) for complex architectures, performing deep-dive technical and privacy evaluations to identify and mitigate residual risks.

  • Privacy: Bridge the gap between IT, Legal, and Data Protection Officers. Translate complex legal mandates (GDPR, CCPA etc.) into actionable technical and organizational controls.

  • Information Security: Contribute to Security Design Patterns and Technical Baselines for emerging technologies like Generative AI and Cloud-native ecosystems.

  • Risk Governance: Utilize ServiceNow IRM to ensure the integrity and traceability of security advisory, delivering data-driven, consistent, and audit-ready results.

  • Peer Excellence: Foster a "Four-Eye" quality culture through peer reviews and collective knowledge exchange within a global team of experts.


Who You Are

Our Ideal Mindset: A proactive Expert & Influencer who brings deep industry experience to an established team. You have the confidence to lead initiatives independently while thriving in an environment of collective knowledge exchange.

Qualifications:

  • Experience: 5–10 years in Information Security/GRC, with a proven track record in Information Risk Assessments and DPIAs in complex, global environments.

  • Technical Savvy: Deep understanding of Security Architecture and the ability to translate "Legal-speak" into "Engineering-speak."

  • Regulatory Mastery: Expert knowledge of international privacy frameworks (GDPR, CCPA, HIPAA, etc.) and security standards (ISO 27001, NIST).

  • System Proficiency: Experienced in using ServiceNow IRM to execute and document risk assessments, utilizing the platform to ensure consistent, high-quality, and transparent security guidance.

  • Education: Degree in Computer Science or Legal. Certifications like CISSP, CISM, CRISC, CIPP/E, CIPM or ISO27001 Lead Auditor are highly valued.

  • Communication: Exceptional stakeholder management skills with the ability to drive consensus across a global organization.

 

 

Who we are

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.


Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.


02

Aplyr's read

Roche is a leader in pharmaceuticals and diagnostics, known for its innovative approach to improving healthcare. It attracts professionals passionate about scientific advancement.

Synthesized from recent postings & public sources

What's promising

  • Roche invests heavily in R&D, driving innovation in pharmaceuticals and diagnostics.
  • The company offers diverse career opportunities across various scientific and business disciplines.
  • Roche's global presence provides employees with international career growth and collaboration opportunities.

What to watch

  • The highly regulated industry may lead to slower decision-making processes.
  • Roche faces intense competition from other pharmaceutical and diagnostics companies.
  • Job roles may require specialized expertise, limiting broader career entry points.

Why Roche

  • Roche integrates pharmaceuticals and diagnostics, offering a comprehensive healthcare approach.
  • The company has a strong focus on personalized medicine and targeted therapies.
  • Roche's commitment to sustainability and innovation sets it apart in the healthcare industry.

Aplyr’s read is generated by AI from public sources.

03

About Roche

Roche is a global pioneer in pharmaceuticals and diagnostics focused on advancing science to improve people's lives. The company is known for its innovative medicines and diagnostic tools.
