SecurityEngineer-Monitoring&IncidentResponse

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters. ### ### The Position The Global Security Monitoring & Incident Response (MIR) team at Roche is dedicated to protecting our networks, systems, applications, and users from constantly evolving cyber threats. As a Security Engineer within the Vulnerability & Exposure Management team, you will play a critical role in identifying, assessing, prioritizing, and reducing cybersecurity risks across Roche’s global environment. This role goes beyond reviewing scanner outputs. You will help investigate critical vulnerabilities, assess exploitability, improve security tooling and automation capabilities, and partner with stakeholders globally to strengthen Roche’s security posture. You will join a collaborative and highly technical cybersecurity team that values innovation, curiosity, continuous learning, and proactive risk reduction. ## Your Opportunity In this role, you will: * Triage, investigate, and respond to critical vulnerabilities impacting Roche systems and applications * Evaluate and prioritize vulnerabilities identified through security tools and external programs, including bug bounty initiatives * Research emerging threats and assess exploitability against Roche’s attack surface * Collaborate with infrastructure, cloud, application, and security teams to drive remediation activities * Assess company systems and web applications using automated and manual testing approaches * Engineer and enhance vulnerability scanning, detection, automation, and monitoring capabilities * Contribute to security monitoring and inci