Web Access Management Senior Engineer - RDT Identity & Access Management

At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections,  where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.

As a Web Access Management Senior Engineer, you will be part of a multicultural and global team focused on Single Sign-On (SSO) / Federation and Multifactor Authentication, protecting our information and assets from unauthorized access, security risks, and cyber attacks. You will provide customers with seamless single sign-on experiences, prevent unauthorized access through advanced MFA, and own the core infrastructure enabling day-to-day operations, performance optimization, and continuous improvement across our global enterprise.

The Opportunity

Responsibilities

Authentication Infrastructure Ownership

• Own the Authentication infrastructure to enable SSO and MFA across a global, hybrid infrastructure landscape, including on-premise servers and containers, as well as SaaS components
• Develop and maintain reliable and scalable authentication and authorization features to ensure the adoption of security best practices across the organization
• Leverage your knowledge of encryption, digital signatures, and secure token exchange to architect secure solutions
• Ensure high availability, performance, and security of authentication systems supporting enterprise-wide operations

Incident Management & Production Support

• Act as consultant for the support and development organizations to promptly respond to customer requests, resolve incidents, and implement changes
• Apply ITIL principles to troubleshoot authentication issues in production environments and participate in change management processes
• Work with security teams to mitigate authentication vulnerabilities and perform comprehensive root cause analysis
• Combine personal ownership with delegation and documentation to entry support tiers, ensuring customer engagement and satisfaction

Protocol & Standards Implementation

• Demonstrate proven expertise with SAML, OAuth 2.0, and OpenID Connect (OIDC) protocols to support Federation standards
• Implement and integrate various MFA methods (TOTP, FIDO2/WebAuthn, biometric authentication, YubiKey) across the enterprise
• Troubleshoot complex authentication and authorization issues in collaboration with application developers and other technical organizations
• Stay updated on cutting-edge authentication technologies, security threats, and industry best practices to continuously improve security systems

Strategic Planning & Solution Design

• Work closely with product managers, security engineers, and developers to create secure and user-friendly authentication flows that meet business and technical requirements
• Translate requirements into strategic implementation plans that align with overall business objectives
• Analyze technology fit and propose effective, strategically aligned cybersecurity solutions and controls
• Identify and evaluate solution impacts considering both immediate and longer-term implications across the security domain

Stakeholder Leadership & Influence

• Identify a diverse range of security stakeholders across functional areas and effectively manage relationships to build reliance through deep business and technical understanding
• Act as a strategic influencer, defining and driving stakeholder engagement strategies for complex initiatives
• Facilitate workshops, resolve conflicts, and proactively shape stakeholder perspectives to align with project goals
• Serve as a trusted advisor on authentication and access management matters across the organization

Team Development & Knowledge Sharing

• Demonstrate ability to mentor colleagues with less experience and provide guidance on cybersecurity best practices and analysis techniques
• Take a proactive role in shaping team processes and contributing to Communities of Practice (CoPs)
• Proactively identify process improvements and drive organizational development initiatives
• Foster a culture of accountability and excellence through personal example and leadership

Who You Are

Experience & Education

• 7+ years of experience working in a major global organization, preferably in a regulated industry
• Bachelor's Degree in Computer Science, Engineering, or a related discipline (or recognition of prior working experience)
• Demonstrated ability to effectively manage relationships with a diverse range of cross-functional stakeholders on medium to large-sized engagements
• Proven track record of championing accountability through security incident leadership and/or security project ownership roles
• Successfully led complex technical initiatives with measurable business impact

Technical Expertise

• Demonstrable experience working with Identity and Access Management (IAM) solutions such as Okta, Entra ID (Azure AD), Ping Identity, Auth0, or similar platforms
• Proven expertise with SAML, OAuth 2.0, and OpenID Connect (OIDC) protocols in enterprise environments
• Advanced capability to troubleshoot complex authentication and authorization issues in collaboration with application developers and other technical organizations
• Experience implementing and integrating various MFA methods (TOTP, FIDO2/WebAuthn, biometric authentication, YubiKey) at scale
• Strong understanding of encryption, digital signatures, and secure token exchange mechanisms
• Experience with hybrid infrastructure landscapes, including on-premise servers, containers, and SaaS components
• Readiness to adapt to new technologies, standards, and evolving security threats

Professional & Analytical Capabilities

• Strong proficiency in independently applying tools, principles, and concepts related to requirements, data, usability, and process analysis within the security domain
• Advanced analytical and logical reasoning skills to identify security patterns, threats, and discrepancies
• Capability to drive comprehensive root cause analysis and develop strategic remediation strategies
• Ability to manage business analysis activities on complex projects or across multiple products within the IAM domain
• Capacity to handle ambiguous requirements, navigate intricate stakeholder environments, and evaluate solution impacts strategically

Leadership & Communication Skills

• Effectively communicates to interact with various teams (developers, stakeholders, users) with clarity and precision
• Proven experience working collaboratively with cross-functional teams for integration and implementation of global web solutions
• Strong facilitation, communication, and conflict resolution skills to ensure alignment across multiple product squads and complex stakeholder networks
• Ability to convey technical concepts to diverse audiences and translate complex requirements into actionable strategies
• Demonstrated success driving organizational change and process improvement initiatives

If you are an experienced cybersecurity engineer with deep expertise in web access management, SSO, and MFA looking to make a strategic impact on a global scale, we want to hear from you. This role offers the unique opportunity to lead authentication infrastructure across a diverse, international organization while mentoring technical teams and shaping the future of our security posture.

Relocation benefits are not available for this job posting.

A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact.

Let’s build a healthier future, together.

Roche is an Equal Opportunity Employer.