Cybersecurity and Digital Solutions Lead

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

This role is part of the Legal and Compliance department in Diagnostics Division with matrix reporting lines. Your direct report is to Head of Legal and Compliance with dotted line managers Head of Marketing and Head of Professional Services also with direct access to executive directors (as legally required).

The Cybersecurity and Digital Solutions Lead is responsible for developing and implementing cybersecurity policies and protocols to protect Roche's products, information systems and technologies and managing the roadmap, governance, and value realization of key digital initiatives across the Czech Affiliate and its Diagnostics and Pharma businesses. Using your expertise in Roche's products and environment, you will ensure systems comply with all security and regulatory standards. You will also apply your technical skills to manage and mitigate cyber threats.

The Opportunity

• Develop and oversee cybersecurity framework, strategy, policies and procedures (eg. ISO 27001 implementation, NIS2 local implementation) to safeguard digital systems and sensitive information.

• Manage the cybersecurity responsibilities across different teams in Roche Diagnostics and Pharma divisions and ensure cooperation throughout the organization and overall alignment with Roche's security objectives.

• Ensure Regulatory Compliance with cybersecurity and data protection requirements.

• Manage the Risk Framework and monitor risk management activities.

• Perform risk assessments to identify potential cyber threats and establish and coordinate a risk management plan in the context of the organisation as well as individual installation cases.

• Assess system vulnerabilities and implement security measures.

• Monitor network and information security systems for potential breaches and intrusions.

• Coordinate potential cyber security incidents.

• Cooperate and coordinate the process of cybersecurity asset management. 

• Conduct regular security audits and compliance checks across all systems and applications and elaborate regular reports on cybersecurity risks and mitigation steps.

• Liaise and communicate directly with the regulatory Authorities and relevant Bodies on topics of cybersecurity.  

• Communicate directly and regularly with the management on the topics of cybersecurity, support Executive Management in cybersecurity-related decisions 

• Prepare Security Assessments and Reports for Leadership.

• Maintain updated knowledge of cybersecurity trends, emerging threats, and technologies.

• Collaborate with external IT and external business units (e.g. hospitals and laboratories, etc.) to ensure effective cybersecurity strategies are integrated into business processes.

• Provide training and awareness programs on cybersecurity best practices for all staff.

• Manage cybersecurity training and awareness programs across business functions.

• Oversee third-party risk management and vendor cybersecurity compliance.

• Define and maintain the digital portfolio roadmap for diagnostics, including connected devices, remote monitoring tools, and AI-driven decision support systems.

• Work cross-functionally with Product Management, IT, and Legal, Compliance and Regulatory teams to ensure timely and compliant delivery.

• Collaborate with all stakeholders (internal/ external) on development and implementation of Digital Products and Solutions strategy.

Who You Are

• Master's degree in Information Security, Computer Science, Engineering, or related field.

• Certifications such as CISSP, CISM, or PMP are a plus.

• Proven (7+ years) experience in digital product implementation and cybersecurity, preferably in pharma, medical devices, or healthcare sector.

• Proven experience in managing digital portfolios or complex IT/digital projects in a regulated environment.

• Strong understanding of cybersecurity frameworks, medical device software lifecycle, and data privacy regulations.

• Analytical and detail-oriented.

• Proactive and solutions-driven approach.

• Excellent interpersonal and communication skills, enabling the individual to simplify complex topics and convey them in an understandable manner to diverse audiences.

• Highly organized with the ability to manage multiple priorities.

• Czech and English language proficiency.

A healthier future drives us to innovate. Together, more than 100'000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let's build a healthier future, together.

Roche is an Equal Opportunity Employer.