Graduate Intern - Cyber Security Compliance Analyst
Sant Cugat del Valles, Spain
Roche
As a pioneer in healthcare, we have been committed to improving lives since the company was founded in 1896 in Basel, Switzerland. Today, Roche creates innovative medicines and diagnostic tests that help millions of patients globally. At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Position
Graduate Intern - Cyber Security Compliance Analyst
We advance science so that we all have more time with the people we love.
Department Summary
We are the global product security and privacy center of Roche Diagnostics worldwide. Our vision is to build a solid Global Product Security and Privacy Operations function and provide strategic security insight across Roche Diagnostics to ensure our devices are what our regulators require and our patients deserve.
Our priorities include understanding our customers' and stakeholders' needs to deliver effective security on testing solutions.
Develop an agile and sustainable operating business model to deploy security concepts that enable confident healthcare decisions.
Institutionalize security role models to provide guidance, education and awareness to maximize the security of Roche Diagnostics solutions and create trust along the patients' journeys.
The Opportunity
Coordinate and manage product security and privacy compliance activities.
Author new or updated policies and procedures for internal partner and stakeholder input.
Create and maintain security and privacy relevant documentation in response to legal and regulatory requirements (e.g. HIPAA, GDPR, etc.), and manage the documentation and related intranet repositories.
Prepare and deliver communication and training to educate Roche teams on the evolving compliance landscape and new or updated policies and related changes.
Support Roche Sales, product teams and IT groups, legal and other appropriate parties to address customer questions and needs regarding Roche’s products to ensure customer confidence in data security (e.g. by reviewing contract templates and contributing with architecture specific security and privacy language, supporting completion of customers’ security questionnaires, etc.).
Where observed, escalate actual or potential compliance violations or other issues to relevant colleagues or management, according to local, regional and/or global policies and procedures.
Manage and perform activities related to preparation, execution and remediation of internal and external compliance audits.
Maintain IT internal controls ensuring that they are designed and operating effectively to meet compliance requirements for in-scope applications.
Establish and promote a business compliance implementation process, and ensure the risk convergence and privacy protection technology for business scenarios.
Understand cybersecurity concepts and be able to communicate them to users who do not come from a security background.
Review of key processing activities, data protection impact assessments (DPIA’s), data processing agreements, data retention, data deletion approach, training records, etc.
Program Highlights
Intensive 1 year intern graduate program (Contrato en practicas).
Competitive salary and benefits package.
Program start dates are in September.
Location in Sant Cugat del Valles, On Site
Access to training and development opportunities.
Work with some of the most talented people in the biotechnology industry.
Who You Are (Required)
Must have graduated from a University degree program.
Must have attained a Bachelor's degree.
1+ years of cybersecurity and/or privacy program management experience and exposure to large-scale systems in a fast-paced environment.
Audit and/or compliance related roles experience in multinational environments.
Experience in using data and metrics to define business strategy and gain executive support for new visions.
Related experience in the healthcare, diagnostics, and/or pharmaceutical industry preferred.
Knowledge of HIPAA, GDPR, and other privacy relevant legislation and regulations.
Excellent verbal/written communication and data presentation skills; proven ability to effectively communicate with both business and technical teams.
Ability to work in and with globally distributed and multi-cultural teams.
Best in class attitude; challenge status constructively and contribute to improvements; results oriented; ability to influence; solution oriented mindset.
Required majors: Information security, computer, communication, or related field.
Preferred Qualifications:
A Master's degree is a plus.
Experience working in a Software Development environment.
Valuable certifications: ISO 27001 Lead Auditor, CISA, CISM, CISSP, GIAC, OSCP, SSCP or equivalent certification
Proven ability to influence change at all levels within an organization
Expert planner with business process definition experience and a strong IT aptitude
Knowledge of Product Development Life Cycles (PDLC)
Working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to privacy, data disclosure, and cybersecurity
Demonstrate data analytical skills, creativity, and experience working with attention to detail
Experience maintaining open, candid, and trusting work relationships
Ability to "zoom out" (see the big picture and give strategic direction) as well as to "zoom in" (to provide more granularity when exchanging with a wide range of experts).
Strong business acumen; sensitive to business needs; view change as an opportunity; eager to work in a fast-paced environment.
Strong organizational skills and ability to prioritize and manage multiple projects simultaneously.
This opportunity is part of the START TECH program. You can find more information about the program at the following link: https://careers.roche.com/global/en/start-tech-program-spain
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advancing science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.
Roche is an Equal Opportunity Employer.
Tags: Agile Audits CISA CISM CISSP Compliance GDPR GIAC HIPAA ISO 27001 OSCP Privacy Product security SSCP Strategy
Perks/benefits: Career development Competitive pay Startup environment