RIS ramp up 2025-Product Vendor Risk and Compliance Expert
Pune DIA, India
Roche
As a pioneer in healthcare, we have been committed to improving lives since the company was founded in 1896 in Basel, Switzerland. Today, Roche creates innovative medicines and diagnostic tests that help millions of patients globally. At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Position
Who We Are
At Roche, we are passionate about transforming patients’ lives, and we are bold in both decision and action - we believe that good business means a better world. That is why we come to work every single day. We commit ourselves to scientific rigor, unassailable ethics, and access to medical innovations for all. We do this today to build a better tomorrow. Roche is strongly committed to a diverse and inclusive workplace. We strive to build teams that represent a range of backgrounds, perspectives, and skills. Embracing diversity enables us to create a great place to work and to innovate for patients.
Role Purpose
Roche Diagnostics works with external service providers to develop products. The Product Vendor Risk and Compliance Expert will be responsible for the execution of third-party risk assessments to evaluate the security resilience of service providers. Coordinate and facilitate execution of corrective actions ensuring that weaknesses are addressed. Help translate control requirements into actionable plans. Monitor adherence of the defined governance principles to ensure expected value is delivered. This role would be suitable for candidates with the right skills and mindset who also share the Roche values and make an active contribution to achieve our vision.
You will be responsible
● Conduct third-party risk assessments to identify, assess, and monitor security and compliance risks associated
● Support risk assessments for products and services in Roche Diagnostics to monitor adherence to security and privacy control requirements
● Driving the optimization of processes and tools for assessing and monitoring compliance of products and services
● To develop strong working relationships and partner effectively with key stakeholders, such as Quality, Procurement, product teams, within the product security and privacy organization (PSPO), the global IT security/privacy organization
● To maintain industry knowledge and skills in the area of compliance, audit, and risk management, and apply them to improve internal processes and practices
● To build the bridge between affected stakeholders, e.g. by sharing progress reports (within PSPO, product teams, etc.).
● To create and maintain a knowledge base of assessed third party vendors and the purposes they are approved for.
● Strong collaboration within the chapter and other PSPO chapters to ensure third party vendor risks are properly updated.
Your profile
● BA/BS in informatics, life-sciences, or relevant area of study, required
● Fluent in English on a business level with excellent verbal and written skills
● Demonstrated proficiency in communicating security and privacy requirements and expectations to third-party vendors
● 3+ years’ experience in the information security/privacy field (ISO 27000 family and similar standards)
● Experience with compliance standards and regulatory mandates, security and privacy laws, regulations and standards
● Goal-oriented individual, with good business acumen
Locations
You will be based in Pune or Mumbai, India. At the Company's discretion, an exception to the location requirement could be made under extraordinary circumstances.
As this position is a global role, international business travel will be required depending upon the business location of the successful candidate and ongoing business project activities.
Roche is an equal opportunity employer.
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.
Let’s build a healthier future, together.