Roche

Security Engineer - RDT Vulnerability & Exposure Management

San Jose, Costa Rica FULL TIME

The Brief

“Security Engineer - RDT Vulnerability & Exposure Management at Roche. Skills: Vulnerability management, Security engineering, Cloud security. Triage critical vulnerabilities. Investigate critical vulnerabilities”

What You'll Achieve.

Manage and reduce existing risks; Assess and evaluate weaponization of emerging risks

Industry & Context.

Problems you'll solve

Analyze security vulnerabilities; Develop methods to confirm exploitability

What They're Looking For.

Must Have

  • Associate Degree in a relevant field or 5+ years of experience in the information security field
  • Demonstrated ability to triage, analyze, and escalate security vulnerabilities
  • Experience with attack surface management in a large and global environment
  • Programming experience (e.g., Python, Node.js, JavaScript)
  • Familiarity with modern, AI-assisted code development and engineering workflows
  • Emphasis on web application, network, and computer security
  • Experience validating vulnerabilities
  • Basic exploit development
  • Track record of contributing to open-source security projects
  • Writing custom detection logic/templates/scripts
  • Hands-on cloud security experience
  • Communication skills with the ability to explain complex risks to non-technical audiences
  • Balancing operational tasks with research projects
  • Fluent in English

Nice to Have

Industry certifications in the field of offensive security (e.g., OSCP, GWAPT, OSWE)

What You'll Do.

Triage critical vulnerabilities

Investigate critical vulnerabilities

Respond to critical vulnerabilities

Evaluate vulnerabilities

Prioritize vulnerabilities

Research emerging vulnerabilities

Develop methods to confirm exploitability

Work with system owners

Work with stakeholders

Mitigate security vulnerabilities

Assess company systems

Assess web applications

Maintain scanning solutions

Improve scanning solutions

Engineer scanning solutions

Maintain detection solutions

Improve detection solutions

Engineer detection solutions

Maintain automation solutions

Improve automation solutions

Engineer automation solutions

Participate in security monitoring

How You'll Work.

Team & Collaboration

Work with system owners; Work with other stakeholders

Communication Scope

Explain complex risks to non-technical audiences

Full Job Description

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

The Position

The Global Security Monitoring and Incident Response (MIR) team at Roche strives to keep our networks and users safe from constantly evolving threats. As a Security Engineer on the Vulnerability and Exposure Management Team, you will help protect sensitive data and defend computer systems and web applications from existing and emerging threats. You will not just be managing scanner output. You will help manage and reduce existing risks, assess and evaluate the weaponization of emerging risks, and act as a core builder of our future capabilities.

The Opportunity

As an integrated part of the Vulnerability and Exposure Management team, your main responsibilities include:

  • Triage, investigate, and respond to critical vulnerabilities affecting Roche.
  • Evaluate and prioritize vulnerabilities found through our tools, including our bug-bounty program.
  • Research emerging vulnerabilities and develop methods to confirm exploitability against our attack surface.
  • Communicate risk and work with system owners and other stakeholders to mitigate security vulnerabilities.
  • Assess company systems and web applications using both automated and manual tools.
  • Maintain, improve, and engineer our scanning, detection, and automation solutions.
  • Participate in security monitoring for a global environment.

Who you are

  • You hold an Associate Degree in a relevant field or 5+ years of experience in the information security field.
  • You possess a demonstrated ability to triage, analyze, and escalate secur


How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.
