Cloud Cybersecurity Engineer

📍 Job Overview

• Job Title: Cloud Cybersecurity Engineer
• Company: Roche
• Location: Madrid, Madrid, Spain
• Job Type: Full-Time
• Category: Cybersecurity Engineer
• Date Posted: 2025-05-28
• Experience Level: Mid-Senior Level (2-5 years)
• Remote Status: Remote OK

🚀 Role Summary

• Drive cloud security enhancements and automation for Roche's global cloud platform
• Collaborate cross-functionally to integrate security into the software development lifecycle
• Serve as a security consultant and advocate for the Roche Cloud Platform
• Utilize coding skills to implement automated security solutions and reduce manual operations
• Contribute to software security architecture and provide insights for propositions, product designs, and service enhancements

📝 Enhancement Note: This role requires a strong background in cloud security, with a focus on AWS, and a solid understanding of software development lifecycle and CI/CD processes.

💻 Primary Responsibilities

• Cloud Security Enhancement: Develop, operate, and improve the platform and security capabilities needed to support Roche's cloud solutions
• Security Consultation: Serve as a security consultant and advocate for the Roche Cloud Platform, working closely with engineering teams to explain potential attack vectors and provide remediation recommendations
• Security Architecture: Contribute to software security architecture and provide insights for propositions, product designs, and service enhancements
• Security Gap Analysis: Apply standard security frameworks for gap analysis and collaborate with the platform team and customers for resolution
• Security Collaboration: Work with engineering teams to enhance security across the platform and engage with the broader Security teams to continuously improve data protection within the platform
• Security Decision Making: Assist the team in making decisions regarding technologies, development patterns, automation frameworks, and new approaches to enhance security adoption in the future

🎓 Skills & Qualifications

Education: Bachelor's degree in Computer Science, Information Security, or a related field

Experience: A minimum of 3 years of experience in security and 3 years of experience in AWS Cloud

Required Skills:

• Hands-on experience with fundamental AWS cloud services such as networking, storage, database, and computing
• Understanding of AWS security architecture design and the capability to develop reference implementations
• Demonstrated hands-on experience in creating and implementing security features at a large scale in multi-tenant platforms using AWS native security services like GuardDuty, Security Hub, as Code, etc.
• Understanding of the software development lifecycle, including CI/CD for deploying security mechanisms
• Proficiency in Git, Terraform, and Python, and familiarity with Jenkins and Rundeck
• Excellent collaboration skills and the ability to collaborate with engineering teams to improve security practices
• Problem-solving and decision-making skills
• Experience with agile methodologies

Preferred Skills:

• Familiarity with other clouds like GCP, Azure, or Alicloud
• Experience in data analysis and using insights to drive decision-making
• Experience in reviewing code for quality and security compliance
• Experience in performing penetration testing activities
• Experience developing infrastructure as code that is fully tested: unit/functional/smoke tests using inspec/pytest or similar tooling

Mindset:

• Engineering skill set that is focused on security first philosophy
• Passionate about Cloud Security and development
• Inquisitive personality that’s curious and has a keen interest in learning and improving
• Highly motivated and proactive individual that looks for identifying ways of improvement and proposing new ideas

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

• A portfolio showcasing your experience in cloud security, with a focus on AWS
• Examples of security features implemented at scale in multi-tenant platforms
• Demonstrations of automated security solutions and reduced manual operations
• Case studies highlighting your collaboration with engineering teams to improve security practices

Technical Documentation:

• Code samples and documentation demonstrating your proficiency in Git, Terraform, and Python
• Examples of infrastructure as code that is fully tested: unit/functional/smoke tests using inspec/pytest or similar tooling
• Documentation of security gap analysis and resolution processes

💵 Compensation & Benefits

Salary Range: €60,000 - €80,000 per year (based on market research for mid-senior level cybersecurity roles in Madrid)

Benefits:

• Competitive salary and benefits package
• Opportunities for professional development and growth
• A dynamic and collaborative work environment
• The chance to make a global impact on healthcare

Working Hours: Full-time position with flexible working hours and remote work options

📝 Enhancement Note: The salary range provided is an estimate based on market research for mid-senior level cybersecurity roles in Madrid. Actual compensation may vary based on experience and qualifications.

🎯 Team & Company Context

🏢 Company Culture

Industry: Healthcare and pharmaceuticals

Company Size: Large (100,000+ employees)

Founded: 1896

Team Structure:

• The Information Systems Security team consists of 40 engineers distributed globally, with expertise in various security domains, including Cloud Security, Endpoint Protection, Network Security, and Remote Access Management
• The team collaborates cross-functionally with product teams and engineering teams to develop, operate, and improve the Roche Cloud Platform

Development Methodology:

• Agile methodologies, focusing on collaboration, continuous improvement, and customer value
• CI/CD processes for deploying security mechanisms and integrating security into the software development lifecycle

Company Website: www.roche.com

📝 Enhancement Note: Roche is a global leader in healthcare, with a strong focus on innovation, collaboration, and improving patient outcomes. The company's culture encourages personal expression, open dialogue, and genuine connections, where every voice matters.

📈 Career & Growth Analysis

Cloud Cybersecurity Engineer Career Level: Mid-Senior level role responsible for driving cloud security enhancements, collaborating cross-functionally, and serving as a security consultant and advocate for the Roche Cloud Platform

Reporting Structure: This role reports directly to the Information Systems Security team lead and collaborates with cross-functional product teams and engineering teams

Technical Impact: This role has a significant impact on the security of Roche's global cloud platform, contributing to software security architecture, and providing insights for propositions, product designs, and service enhancements

Growth Opportunities:

• Technical growth through learning new security tools, techniques, and best practices
• Career progression into senior or management roles within the Information Systems Security team or other security domains
• Opportunities to work on high-impact projects and make a global impact on healthcare

📝 Enhancement Note: This role offers significant growth opportunities for cybersecurity professionals looking to advance their careers in cloud security and make a global impact on healthcare.

🌐 Work Environment

Office Type: Hybrid work environment with both on-site and remote work options

Office Location(s): Madrid, Spain

Workspace Context:

• A dynamic and collaborative work environment, fostering open dialogue and genuine connections
• Opportunities to work with cross-functional teams and contribute to high-impact projects
• Access to the latest tools and technologies to support your work

Work Schedule: Flexible working hours with the option to work remotely

📝 Enhancement Note: Roche's work environment encourages personal expression, open dialogue, and genuine connections, where every voice matters. This fosters a collaborative and innovative atmosphere, driving progress in healthcare and improving patient outcomes.

📄 Application & Technical Interview Process

Interview Process:

1. Technical Phone Screen: A phone or video call to assess your technical skills and understanding of cloud security, with a focus on AWS
2. On-site Technical Deep Dive: An on-site visit to Roche's Madrid office for a deeper dive into your technical skills, including a presentation of your portfolio and a discussion of your approach to cloud security
3. Behavioral Interview: An interview focused on your problem-solving skills, decision-making abilities, and cultural fit within the Roche team
4. Final Decision: A final decision based on your technical skills, cultural fit, and alignment with Roche's values and mission

Portfolio Review Tips:

• Highlight your experience in cloud security, with a focus on AWS
• Showcase your ability to implement automated security solutions and reduce manual operations
• Demonstrate your collaboration skills and ability to work with cross-functional teams
• Provide examples of your security gap analysis and resolution processes

Technical Challenge Preparation:

• Brush up on your AWS cloud security knowledge, focusing on native security services like GuardDuty, Security Hub, and as Code
• Familiarize yourself with CI/CD processes and software development lifecycle best practices
• Prepare for questions about your approach to cloud security, security architecture, and security gap analysis

ATS Keywords:

• Programming Languages: Python, Bash, PowerShell
• Cloud Platforms: AWS, GCP, Azure, Alicloud
• Security Tools & Frameworks: GuardDuty, Security Hub, as Code, Inspec, Pytest, Jenkins, Rundeck, Terraform, Git
• Methodologies: Agile, CI/CD, DevSecOps, OWASP, NIST, CIS
• Soft Skills: Collaboration, Problem-solving, Decision-making, Communication, Leadership

📝 Enhancement Note: The interview process for this role is designed to assess your technical skills, cultural fit, and alignment with Roche's values and mission. Be prepared to discuss your approach to cloud security, security architecture, and security gap analysis in detail.

🛠 Technology Stack & Web Infrastructure

Cloud Platforms:

• AWS (primary)
• GCP, Azure, Alicloud (nice to have)

Security Tools & Frameworks:

• GuardDuty
• Security Hub
• as Code
• Inspec
• Pytest
• Jenkins
• Rundeck
• Terraform
• Git

Methodologies:

• Agile
• CI/CD
• DevSecOps
• OWASP
• NIST
• CIS

Programming Languages:

• Python
• Bash
• PowerShell

📝 Enhancement Note: This role requires a strong background in AWS cloud security, with a focus on native security services like GuardDuty, Security Hub, and as Code. Familiarity with other cloud platforms, such as GCP, Azure, or Alicloud, is a plus.

👥 Team Culture & Values

Cloud Cybersecurity Values:

• Security first philosophy
• Collaboration and open dialogue
• Continuous learning and improvement
• Innovation and creativity
• Global impact and patient focus

Collaboration Style:

• Cross-functional teamwork, working closely with product teams and engineering teams
• Open dialogue and genuine connections, fostering a dynamic and collaborative work environment
• Knowledge sharing and technical mentoring, supporting the growth and development of team members

📝 Enhancement Note: Roche's culture encourages personal expression, open dialogue, and genuine connections, where every voice matters. This fosters a collaborative and innovative atmosphere, driving progress in healthcare and improving patient outcomes.

⚡ Challenges & Growth Opportunities

Technical Challenges:

• Staying up-to-date with the latest cloud security trends and best practices
• Implementing automated security solutions and reducing manual operations at scale
• Collaborating with cross-functional teams to integrate security into the software development lifecycle
• Performing security gap analysis and resolving security vulnerabilities in a large, multi-tenant cloud environment

Learning & Development Opportunities:

• Technical skill development in cloud security, with a focus on AWS
• Opportunities to work on high-impact projects and make a global impact on healthcare
• Access to training and professional development resources to support your growth and career progression
• Collaboration with cross-functional teams and exposure to diverse technologies and methodologies

📝 Enhancement Note: This role offers significant technical challenges and growth opportunities for cybersecurity professionals looking to advance their careers in cloud security and make a global impact on healthcare.

💡 Interview Preparation

Technical Questions:

• Cloud Security Fundamentals: How do you approach cloud security, and what are some best practices for securing AWS environments?
• Security Architecture: How would you design a secure architecture for a large, multi-tenant cloud platform, and what tools and services would you use?
• Security Gap Analysis: How do you perform security gap analysis, and what tools and methodologies do you use to identify and resolve security vulnerabilities?
• Automated Security Solutions: How have you implemented automated security solutions in the past, and what tools and technologies have you used?

Company & Culture Questions:

• Roche's Mission: How do you align with Roche's mission to prevent, stop, and cure diseases, and ensure everyone has access to healthcare today and for generations to come?
• Team Collaboration: How do you collaborate with cross-functional teams, and what is your approach to open dialogue and genuine connections in a work environment?
• Global Impact: How do you approach making a global impact on healthcare, and what experiences have you had working on high-impact projects in the past?

Portfolio Presentation Strategy:

• Highlight your experience in cloud security, with a focus on AWS
• Showcase your ability to implement automated security solutions and reduce manual operations
• Demonstrate your collaboration skills and ability to work with cross-functional teams
• Provide examples of your security gap analysis and resolution processes

📝 Enhancement Note: The interview process for this role is designed to assess your technical skills, cultural fit, and alignment with Roche's values and mission. Be prepared to discuss your approach to cloud security, security architecture, and security gap analysis in detail, and provide specific examples of your work.

📌 Application Steps

To apply for this Cloud Cybersecurity Engineer position:

1. Update Your Resume: Highlight your experience in cloud security, with a focus on AWS, and emphasize your technical skills, collaboration abilities, and problem-solving mindset
2. Prepare Your Portfolio: Showcase your experience in cloud security, with a focus on AWS, and demonstrate your ability to implement automated security solutions and reduce manual operations
3. Research Roche: Familiarize yourself with Roche's mission, values, and culture, and understand how this role aligns with your career goals and personal values
4. Practice Technical Interview Questions: Brush up on your AWS cloud security knowledge, focusing on native security services like GuardDuty, Security Hub, and as Code, and prepare for questions about your approach to cloud security, security architecture, and security gap analysis

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.