As the Enterprise Security Architect, you provide security technology strategy and architecture leadership and direction to Roche Group worldwide. You ensure that security enforcement technologies and standards are used and applied to enable strong and seamless security in support of Roche’s business strategies and processes.Your main responsibilities are:
- To understand the business strategies and needs and developing security technology architecture to enable them securely
- Analyze current technology environment to identify deficiencies and recommending solutions, as well as staying abreast of emerging security technologies and trends and apply them where appropriate
- Create compelling presentations to articulate the technical strategies, architecture and roadmaps to various levels in the Organization
- Work with Information Security group to define the strategies and principles that guide technology decisions and tradeoffs for the enterprise
- Consult on technical architecture implementation activities with all stakeholders and Solution Owners to ensure alignment
- Oversee and work with Engineering on the evaluation and selection of security related technologies and products. Also, work with Engineering to define and create the standards and implementation patterns
- Identify the organizational impact and financial impact of the security enforcement solutions
Skills and Experience:You have a Bachelor's degree in computer science or equivalent experience and ITIL v3 foundation and CISSP, CISM, CISA certified (desired). Ideally, you have strong business knowledge in the Pharma/Biotech industry and associated processes and you bring the following qualifications:
- 10 to 15 years of experience in IT security and risk management with medium to large global enterprises with global geographical typologies
- Accomplished in framing an enterprise IT architecture, proven to deliver against the original strategy and needs for the environment
- Experience with the topic of exchanging data (mergers and acquisitions, partnering, collaboration, sharing data, etc.), as well as with Cloud Security Concepts (SaaS, PaaS, IaaS), Mobile Architecture, Container security, DevOps, IoT security, Network and Application Security and Data protection
- Excellent understanding technology domains like: security and privacy, PKI infrastructure, IPSec and encryption technologies, Network and cyber security including LAN, WAN, WLAN, DMZ & Proxy, VPN, Internet etc., Identity management, access and authorization controls . Single Sign On, Identity and Access Management solutions, End-point security, Monitoring and vulnerability assessment, Business Application security and risk management - business continuity and disaster recovery
- Ability to review proposed solution architectures, identify risks and provide remediation recommendations in line with established standards and overall security posture.
Roche is an equal opportunity employer.
Information Technology, Information Technology > IT Architecture