Senior Security Engineer- Blue Team

United States of America, California, Belmont
United States of America, California, Pleasanton

de fr es ru tr it pt zh ja

Roche is building a very specialized hands-on security team to face the cyber security challenges on the Healthcare industry. The Blue Team Senior Security Engineer will be building the most advanced cyber defenses around critical medical devices and platforms during the development and after its final release improving them according to the Red Team assessments and the latest threats.  


  • Evaluate and propose innovative security tools and strategies to keep a cutting edge cyber defense strategy

  • Orchestrate application and infrastructure defense mechanisms to increase prevention, detectability and containment capabilities

  • Incorporate defense and hardening mechanisms by design balancing performance and usability

  • Deploy defense and hardening mechanisms responding to incidents and  adapting to emerging threats

  • Develop an effective vulnerability management strategy in collaboration with the Red Team to prioritize patching and mitigation controls.


  • Deep understanding of application security architecture and lifecycle

  • Knowledge of OWASP standard

  • Experience with threat modeling and risk management

  • Knowledge of code vulnerability management

  • Experience deploying active defense mechanisms

  • Knowledge of translate the compliance, privacy and security requirements to product features

  • Deep understanding of networking and cloud security

  • Extensive experience with AWS components stack and desirable knowledge of Google Cloud and Microsoft Azure

  • Extensive experience with network communication protocols

  • Understanding of perimeter protection tools: AWS native components/tools, NIDS, Web Application and Network Firewalls

  • Understanding of cloud provisioning tools CloudFormation and Terraform

  • Deep knowledge of operating systems: required Linux, desirable Windows and OSX

  • Deep knowledge of host protection: file integrity, next generation antivirus, host intrusion detection, whitelisting

  • Deep knowledge of host vulnerability management

  • Knowledge of hardening and OS image generation automation

  • Knowledge of host forensic

  • Knowledge of configuration management tools: Ansible, Salt, Chef, Puppet.

  • Desirable developing languages: Shell scripting, Python, Ruby.

  • Strong communication skills, both written and spoken.