
At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Opportunity:
As a Senior Cybersecurity Engineer in the IAM space, you will serve as the technical owner of our Policy Based Access Control (PBAC) infrastructure. In this role, you will lead the design, implementation, and tactical lifecycle management of core authorization components to ensure they are scalable, resilient, and deeply integrated across a hybrid global landscape.
Key Responsibilities:
Infrastructure Ownership & Strategy: Architect and maintain core PBAC components (PDP/PEP) for high availability. Lead the transition from initial use cases to enterprise-wide adoption, establishing global standards for policy-based authorization.
Policy as Code (PaC) & DevOps: Drive the shift to PaC by designing automated CI/CD pipelines for versioning, testing, and deploying authorization logic like software.
Integration & Consulting: Act as a primary consultant for global application and data owners to securely integrate systems via RESTful APIs, SQL/JDBC, and LDAP.
Problem Solving & Analytics: Lead the analysis of complex, highly ambiguous technical problems across organizational boundaries, driving comprehensive root-cause analysis and proactive risk mitigation.
Stakeholder & Vendor Management: Partner with product managers, global developers, and senior management to design secure, user-friendly PBAC flows. Manage production environments using ITIL principles and coordinate with external vendors and Managed Service Providers (MSPs).
Leadership & Continuous Improvement: Mentor team members, build expertise across the organization, and champion business process improvements within Communities of Practice (CoPs).
Who You Are:
Education: Bachelor's degree in a relevant technical field or equivalent work experience
Experience: 8–15 years in IT/Security, with 5+ years strictly focused on Identity & Access Management (IAM) and specific expertise in PBAC/ABAC within large enterprise environments.
Technical Mastery: Advanced, hands-on knowledge of XACML, decentralized policy management, and modern web frameworks under Zero Trust principles (RBAC and ABAC).
IAM & DevOps Foundations: Highly proficient in SAML, OAuth, OIDC, SSO, and IGA. Experience writing custom integrations in Java or Python and deploying via Git-based CI/CD pipelines.
Architectural Mindset: Strong advocate for systems thinking and enterprise-wide consulting advice. You prioritize configurable, "off-the-shelf" capabilities over heavy customization for long-term maintainability.
Communication: Fluent in English with exceptional interpersonal skills to navigate complex conflicts, build global consensus, and translate architectural concepts for non-technical stakeholders.
Preferred Qualifications:
Regulated Environments: Deep familiarity with data privacy regulations such as GDPR.
Operational Frameworks: Experience working within Agile methodologies and applying ITIL frameworks in cross-functional global team structures.
Relocation benefits are not available for this posting.
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.
Roche is an Equal Opportunity Employer.

Roche is a global pioneer in pharmaceuticals and diagnostics focused on advancing science to improve people’s lives. The combined strengths of pharmaceuticals and diagnostics under one roof have made Roche the leader in personalised healthcare – a strategy that aims to fit the right treatment to each patient in the best way possible.
Roche is the world’s largest biotech company, with truly differentiated medicines in oncology, immunology, infectious diseases, ophthalmology and diseases of the central nervous system. Roche is also the world leader in in vitro diagnostics and tissue-based cancer diagnostics, and a frontrunner in diabetes management.
Founded in 1896, Roche continues to search for better ways to prevent, diagnose and treat diseases and make a sustainable contribution to society. The company also aims to improve patient access to medical innovations by working with all relevant stakeholders. Thirty medicines developed by Roche are included in the World Health Organization Model Lists of Essential Medicines, among them life-saving antibiotics, antimalarials and cancer medicines. Roche has been recognised as the Group Leader in sustainability within the Pharmaceuticals, Biotechnology & Life Sciences Industry ten years in a row by the Dow Jones Sustainability Indices (DJSI).
For more information, please visit https://careers.roche.com
Read our community guidelines here:
https://www.roche.com/some-guidelines.htm
#Roche #Biotechnology #Pharmaceuticals #Diagnostics #Healthcare #PersonalisedHealthcare #GreatPlaceToWork #Innovation