OT Cybersecurity Engineer
Tucson
Full Time Mid-level / Intermediate USD 172K+
Roche
As a pioneer in healthcare, we have been committed to improving lives since the company was founded in 1896 in Basel, Switzerland. Today, Roche creates innovative medicines and diagnostic tests that help millions of patients globally.Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.
The Position
A healthier future. It’s what drives us to innovate. To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love. That’s what makes us Roche.
Job Summary
You will take active involvement in the implementation of the Manufacturing Cybersecurity Management System in the entire system and service lifecycle including Plan, Design, Build and Release, Operate and Maintain at our site in Tucson, AZ. This is an exciting opportunity to be apart of a dynamic team doing now what patients need next.
The Opportunity
You will take part in technical design reviews, integration, testing, and documentation activities concerning new IT and OT systems
You will be the OT Cybersecurity Advisor during OT System planning phase and support development of Manufacturing Cybersecurity standards and baselines, IT OT System Risk Assessment process, coordination process for IT OT Security Patch planning, vulnerability management process in OT area, development of strategies to respond to and recover from a security breach in OT environment
You will support investigation after security breaches and develops suitable defense measures, evaluate system changes for security implications, and recommend enhancements
You will perform the design and sustainment of OT Security Monitoring (IIDS), participate in Technical Design reviews, and coordinate IT OT services and activities delivered by Vendors
You will review Manufacturing Firewall Requests and generate GxP documentation and executing testing protocols in a regulated environment
You will provide technical support during the Incident Response process including steps to minimize the impact, conducting a technical and forensic investigation into how the breach happened and the extent of the damage
You will be focusing on L0-L3 of the ISA95 model
Who You Are
Bachelor’s degree in Computer Engineering, Computer Science, Automation Engineering or related field
3+ years of experience in system and/or network administration
Preferred Technical skills
Expertise in anti-virus software, intrusion detection, firewalls and content filtering in OT
Knowledge of risk assessment tools, technologies and methods
Expertise in designing secure networks, systems and application architectures
Disaster recovery, computer forensic tools, technologies and methods
System administration, supporting multiple platforms and applications
Endpoint security solutions, including file integrity monitoring
Deep understanding of cybersecurity terms and principles (defense-in-depth, network segmentation, security monitoring and incident response, access management, OT patch management, secure remote access, anti-malware protection etc.)
Very good knowledge about local manufacturing and automation systems in use
Advanced knowledge on networking (LAN/WAN) and industrial networking including significant low-level networking experience with the TCP/IP and CIP; emphasis on Cisco devices
Hands-on experience configuring network devices (switches, routers, firewalls, …)
Solid knowledge on IT and OT infrastructure, including PLC security and protection; emphasis on Rockwell Automation
Current knowledge of technology capabilities and trends; types, and techniques of hacking attacks
Proficient in Java, Net, C++, Python, bash, power shell
Familiarity with ISA95 model
One of five potential security-related certifications (Certified Ethical Hacker (CEH), CompTIA Security+, Certified Information System Security Professional (CISSP), ISA/IEC 62443 Cybersecurity Specialist certification, Global Industrial Cyber Security Professional (GICSP))
Relocation Benefits are not available for this posting
The expected salary range for this position based on Tucson Arizona is$92,800 - $172,300. Actual pay will be determined based on experience, qualifications, geographic location, and other job-related factors permitted by law. A discretionary annual bonus may be available based on individual and Company performance. This position also qualifies for the benefits detailed at the link provided below.
Who we are
At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.
Ventana Medical Systems, Inc. (Ventana), a member of the Roche Group, innovates and manufactures instruments and reagents that automate tissue processing and slide staining for cancer diagnostics. Our integrated staining, workflow management and digital pathology solutions optimize laboratory efficiency to reduce errors and support diagnosis for pathology professionals. Together with Roche, Ventana is driving personalized healthcare through accelerated drug discovery and companion diagnostics.
Roche is an equal opportunity employer and strictly prohibits unlawful discrimination based upon an individual’s race, color, religion, gender, sexual orientation, gender identity/expression, national origin/ancestry, age, mental/physical disability, medical condition, marital status, veteran status, or any other characteristic protected by law.
If you have a disability and need an accommodation in relation to the online application process, please contact us by completing this form Accommodations for Applicants.
Tags: Automation Bash C CEH CISSP CompTIA Computer Science Endpoint security Firewalls GICSP IEC 62443 Incident response Industrial Intrusion detection Java Malware Monitoring Python Risk assessment TCP/IP Vulnerability management
Perks/benefits: Equity / stock options Relocation support Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information Security Architect jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs