Digital Health Security Specialist

Burgess Hill, United Kingdom

Roche

As a pioneer in healthcare, we have been committed to improving lives since the company was founded in 1896 in Basel, Switzerland. Today, Roche creates innovative medicines and diagnostic tests that help millions of patients globally.


Roche fosters diversity, equity and inclusion, representing the communities we serve. When dealing with healthcare on a global scale, diversity is an essential ingredient to success. We believe that inclusion is key to understanding people’s varied healthcare needs. Together, we embrace individuality and share a passion for exceptional care. Join Roche, where every voice matters.

The Position

We are currently recruiting for a Digital Health Security Specialist.

Roche Diagnostics UK&IE's Digital Health Security team plays a critical role in safeguarding our medical device products and services within the diagnostics sector, ensuring robust cyber resilience and patient safety. The Digital Health Security Specialist role is an integral part of the team, operating within the Technical Services function.

Role Overview: The team provides specialist cyber and information security expertise across Roche Diagnostics UK&IE, delivering continued certification against ISO 27001, the Digital Security Protection Toolkit (DSPT), and ensuring our products and services are secure by design.

Key Responsibilities:

  • Expert Advice: Provide expert guidance on secure system deployment, governance, and compliance with frameworks such as DSPT, ISO 27001, ISO 27017/18, Cyber Essentials and NCSC guidelines.

  • Security Standards: Embed and align security standards and patterns with best practices to fortify the cyber resilience of Roche Diagnostics products and services.

  • Risk Mitigation: Participate in security assessments, risk mitigation efforts, and deliver actionable advice to address identified risks and vulnerabilities.

  • Collaboration: Work with internal stakeholders and our customers to tackle product security challenges, conduct security reviews, and perform comprehensive risk analysis.

  • Cloud Security Strategy: Support the development and implementation of Roche Diagnostics UK&IE’s cloud security strategy, refining objectives and addressing technical controls, risks, and issues.

  • Subject Matter Expert: Act as a trusted advisor and subject matter expert on cyber security topics externally for our customers and internally for colleagues within the Roche Technical Services Department.

  • Security Testing: Scope and review security testing reports, vulnerability assessments, and compliance audits to ensure robust application and endpoint security.

  • Network Architecture: Provide expertise in network architecture to design resilient and secure connectivity solutions for digital services across primary and secondary care.

  • Lifecycle Support: Support systems and services throughout their lifecycle, ensuring secure practices are maintained to minimise risks.

What We Offer: This role offers unique opportunities to address the challenges of protecting connected medical devices and SaMD applications, contributing to improved healthcare outcomes, and enhancing the cyber resilience of Roche Diagnostics customers. You will benefit from access to professional development opportunities, collaborative initiatives, and impactful work that directly supports patient care.

Main Duties of the Job: The primary objective is to ensure that Roche Diagnostics products and digital services, deployment architectures (on-prem and cloud services), and sensitive data types such as Personal Identifiable Data (PID) are protected from cyber threats.

Additional Information: You will play a pivotal role in developing and guiding the implementation of cyber-resilient architectures, providing expert advice, and ensuring systems meet stringent security standards. Acting as a trusted advisor within the organisation, you will ensure secure practices are embedded into systems and processes, safeguarding data and operations for our customers across the UK and Ireland healthcare ecosystem.

Your profile:

Degree or relevant professional qualification/experience. It is desirable for the post holder to hold a suitable information security qualification such as the Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or Certified in Risk and Information Systems Control (CRISC).

You will have a strong understanding of data/cybersecurity and ISMS.

With proven troubleshooting skills and a passion for customer service, you’ll combine a flexible, empathetic style with the determination to see issues through to a successful, constructive resolution.

An effective communicator, you’ll deal comfortably with people both face-to-face and by telephone and be able to build and maintain strong working relationships with customers. It’s important that you can put over complex ideas clearly and concisely and operate well in a team environment.

Specifically, you will be able to demonstrate the following technical skills:

  • Familiarity with ISMS and certification to ISO 27001, DSPT
  • Knowledge of healthcare IT solutions and NHS data security systems
  • Risk management
  • Understanding of data security technology and protocols, e.g. firewalls, encryption, Wi-Fi

Investing in you

Roche is a company that invests not only in its business – over £6.5 billion in R&D worldwide, including £460 million in the UK alone last year – but, equally importantly, in its people.

For you, this means not only a competitive salary and benefits package, but also a recognised IT product training programme and continuous support to build on your knowledge, skills and potential, helping you prepare for the exciting opportunities for further career development. All of this has gained Roche 2017 Top Employer status in the UK and Europe.

Who we are

At Roche, more than 100,000 people across 100 countries are pushing back the frontiers of healthcare. Working together, we’ve become one of the world’s leading research-focused healthcare groups. Our success is built on innovation, curiosity and diversity.

Our UK Diagnostics business, headquartered in Burgess Hill, West Sussex, employs approximately 560 highly skilled individuals. We provide the industry's broadest range of diagnostics and monitoring products & services, spanning all sectors of the market: from small hand held devices used directly by patients or healthcare professionals, to large diagnostic instruments found in hospital laboratories.

The statements herein are intended to describe the general nature and level of work being performed by employees, and are not to be construed as an exhaustive list of responsibilities, duties, and skills required of personnel so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of Roche Products Ltd. At Roche Products we believe diversity drives innovation and we are committed to building a diverse and flexible working environment. All qualified applicants will receive consideration for employment without regard to race, religion or belief, sex, gender reassignment, sexual orientation, marriage and civil partnership, pregnancy and maternity, disability or age. We recognise the importance of flexible working and will review all applicants’ requests with care. At Roche difference is valued and we are proud to be an equal opportunity employer where you are encouraged to bring your whole self to work.


Tags: Audits CCSP CISM CISSP Cloud Compliance CRISC Encryption Endpoint security Firewalls Governance ISMS ISO 27001 Monitoring Product security R&D Risk analysis Risk management Security assessment Security strategy Strategy Vulnerabilities

Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Health care

Region: Europe
Country: United Kingdom
