The Position
Principal Security Analyst - Product IT Center of Enablement in Diagnostics IT
Who we are
Roche's expanding digital product portfolio demonstrates its commitment to provide healthcare professionals, laboratories, and patients with digital and digitally-enabled solutions that transform patient care. The existing product portfolio includes decision support systems, data management solutions, and workflow solutions. At the center of these diverse types of solutions is always patient data security and privacy as the highest priority for Roche.
In this context, Roche has built a global team that builds, secures, and operates infrastructure platforms (cloud and on-prem) for its digital products. This team is working with a high freedom to operate in a self-organized setup and is responsible for tackling the cybersecurity, compliance, and infrastructure challenges of the healthcare industry while enabling high-velocity product development.
The Position
In the position of Principal Security Analyst you will join the Diagnostic Product IT Center of Enablement team and will be part of the Edge security team.
As the Principal Security Analyst for Product IT Center of Enablement, you create and analyze security policies and procedures to determine weakness in infrastructure security and complete a thorough audit of existing measures. You conduct technical analysis and triage based on triggered alerts to determine the severity, impact, scope and corresponding response actions. And you anticipate data breaches by ethically hacking into the company's secure systems while determining future flaws and their prevention.
In addition, you will:
- Utilize security tools to improve the company's security posture
- Monitor network traffic as an intrusion prevention specialist to detect possible threats and respond to threats immediately as they occur
- Document playbooks and runbooks for security incidents
- Understand reverse engineering to have a thorough knowledge of malware analysis and bug patching on various software platforms
- Minimize negative impact of security breach by shifting security measures for future prevention and creating information assurance and firewalls
- Analyze logs from SIEM and create meaningful alerts and dashboards
- Proactively search for threats to prevent or minimize cybersecurity attacks
- Have an in-depth understanding of inner Kubernetes workings (networking and storage stack, pod scheduling)
- Have an in-depth understanding of the Linux operating system and how it interacts with container runtimes
- Knowledge of PKI management
- High-level understanding of edge devices running on customer premises, encryption of data at rest and in transit
- Be on call and part of the security operations team
Ideally, this position will be located in Sant Cugat or Madrid (Spain). Other possible locations could be Pune (India), or Mississauga (Canada).
Who you are
Experience with implementing the MITRE ATT&CK framework using SOAR tools is required. You have a strong shift-left and security-first mindset and you have demonstrated knowledge of bug bounties, cross-site scripting, broken authentication, cross-site request forgery, and web application scanning.
You have a University degree in computer science, engineering, or other related fields, or equivalent experience.
You bring experience working in a multicultural environment and proven cultural awareness.
Furthermore, you bring:
- Very good interpersonal skills, a team player attitude and mindset, and you like bringing others up to speed on technology
- Strong communication skills, both written and spoken
- Strong knowledge of host-level forensics
- Experience creating meaningful alerts to detect security incidents
- Basic understanding of perimeter protection tools: AWS native components/tools, NIDS, Web Application and Network Firewalls
- Knowledge of shell scripting, Python (desirable)
- Basic knowledge of operating systems: Linux and Docker fundamentals required
- Knowledge of the OWASP standard
- Understanding of host protection concepts like file integrity, next-generation antivirus, host intrusion detection, whitelisting
- CISSP, GCIH, CISA, CISM, or other industry certifications preferred
- Nice to have: hands-on experience in forensic science, data analysis, intelligence analysis, malware reversing, network and endpoint security, adversary tracking, and other security-related tasks
Roche embraces diversity and equal opportunity in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. The more inclusive we are, the better our work will be.
If you still have questions then please check our FAQs and videos on careersrochech/faq
#DigitechSpain
Who we are
At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we've become one of the world's leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Roche is an Equal Opportunity Employer.