Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people's varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.
The Position
We are the global product security and privacy center of Roche Diagnostics worldwide. Our vision:
- To build a solid Global Product Security and Privacy Operations function, provide strategic security insight across Roche Diagnostics to ensure our devices are what our regulators require and our patients deserve
Our priorities:
- Understanding our customers and Stakeholder needs to deliver effective security on testing solutions
- Develop an agile and sustainable operating business model to deploy security concepts that enable confident healthcare decisions.
- Institutionalize security role models to provide guidance, education and awareness to maximize the security of Roche Diagnostics solutions and create trust along the patients journeys
Data security and privacy are key success factors in our digital transformation and essential to reach our ambitions. You are inspired to contribute to the overall Roche Diagnostics vision by applying end-to-end Division-wide product security and privacy operations to keep our products and services secure and privacy compliant throughout the entire lifecycle. You believe in the potential of science, technology, data and insights to improve the standard of care for humankind and you are eager to help navigate through unchartered territory to lift this potential.
Responsibilities:
- Coordinates and manages IT security and privacy compliance activities in the Viewics organization within Roche Diagnostics at a global level
- Authors new or updated policies and procedures for internal partner and stakeholder input
- Creates and maintains security and privacy relevant documentation in response to legal and regulatory requirements (e.g. HIPAA, GDPR, etc.), manages the documentation and related intranet repositories
- Prepares and delivers communication and training to educate Viewics teams on the evolving compliance landscape and new or updated policies and related changes
- Supports Roche Sales and IT groups, legal and other appropriate parties to address customer questions and needs regarding Viewics products to ensure customer confidence in data security
- Where observed, escalates actual or potential compliance violations or other issues to relevant colleagues or management, according to local, regional and/or global policies and procedures
- Coordinates and manages Information Security Incidents, manages Information Security and Privacy Risks related to the Viewics environment
Who you are:
- 6+ years related work experience in driving cybersecurity, privacy, and risk management programs in medium to large enterprise organizations
- 4 6 years of related experience in the healthcare, diagnostics, and / or pharmaceutical industry, preferred
- ISO 27001 Lead Auditor, CISA, CISM, CISSP, GIAC, OSCP, SSCP or equivalent certification
- Excellent knowledge of HIPAA, GDPR, and other privacy relevant legislation and regulations
- Good understanding of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
- Great interest in all aspects of security and privacy research and development
What we offer:
- Dynamic and collaborative team environment
- Global influence and impact
- Vibrant and enjoyable workplace culture
- Career advancemen
- Many other benefits and opportunities for growth
Location:
You can be based in Sant Cugat with an hbrid model.
As this position is a global role, international business travel will be required depending upon the business location of the successful candidate and ongoing business project activities.
Who we are
At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we've become one of the world's leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche is an Equal Opportunity Employer.