Cybersecurity & Privacy Risk Manager
Negotiable Salary
Indeed
Full-time
Onsite
No experience limit
No degree limit
Carrer d'Elisenda Ribatallada, 14d, 08172 Sant Cugat del Vallès, Barcelona, Spain
Description

At Roche, you can be truly yourself and will be valued for your unique qualities. Our culture fosters personal expression, open dialogue, and authentic connections. Here, you are appreciated, accepted, and respected for who you are—creating an environment where you can grow both personally and professionally. Together, we aim to prevent, halt, and cure diseases and ensure that everyone has access to healthcare—today and in the future. Join Roche, where every voice matters.

**The Position**

A healthier future. It’s what drives us to innovate. To continuously advance science and ensure everyone has access to the healthcare they need today and for generations to come. Creating a world where we all have more time with the people we love. That’s what makes us Roche.

**Who we are**

At Roche, we are passionate about transforming patients’ lives and we are fearless in both decision and action—we believe that good business means a better world. That is why we come to work each day. We commit ourselves to scientific rigor, unassailable ethics, and access to medical innovations for all. We do this today to build a better tomorrow.

Data security and privacy are key success factors in our digital transformation and essential to reach our ambitions. You are inspired to contribute to the overall Roche Diagnostics vision by applying end-to-end Division-wide product security and privacy operations to keep our products and services secure throughout the entire lifecycle. You believe in the potential of science, technology, data and insights to improve the standard of care for humankind and you are eager to help navigate through uncharted territory to lift this potential.

**The Opportunity**

The Cybersecurity Risk Program Manager will drive the design, building and execution of a risk management governance program, including risk assessments, risk modeling, risk treatment strategies, reporting and monitoring, including:

* Conduct risk assessments by analyzing the current risks and identifying potential risks that are affecting the business and product groups.
* Prepare reports of identified and assessed risks to the management.
* Support the process for determining appropriate risk tolerance across our risk profile.
* Provide thought partnership, risk analytics (e.g. return on risk mitigation investments), and recommendations around remediation, risk mitigation, or process improvement to risk owners, Compliance or other control-related functions, as well as Leadership.
* Consult and coordinate with global Privacy, Risk, Security and Compliance teams on the creation and monitoring of risk mitigation or treatment plans.

**Who you are**

* Educational Background & Program Management: Bachelor's degree in a relevant field like information security, computer, or communications science, with a Master's degree being a plus. You should have at least 1 year of experience in cybersecurity and/or privacy program management within a fast-paced environment.
* Compliance & Analytics: Experience in audit or compliance roles within multinational companies is required. You should also be proficient in using data and metrics to define business strategies and gain executive support.
* Industry & Knowledge: Preferred experience in the healthcare, diagnostics, or pharmaceutical industry. You must have a strong working knowledge of cybersecurity standards and relevant privacy legislation like GDPR and HIPAA.
* Communication & Collaboration: You must possess excellent verbal and written communication skills and a proven ability to present data and effectively communicate with both business and technical teams. The ability to work within globally distributed, multicultural teams is essential.
* Mindset & Skills: This role requires a results-oriented, solution-driven mindset with a "best in class" attitude. You should be able to constructively challenge the status quo, influence others, and demonstrate strong data analytical skills and creativity, all while maintaining a keen attention to detail.

**Qualifications**

* Experience working in a Software Development environment.
* Valuable certifications: ISO 27001 Lead Auditor, CISA, CISM, CISSP, GIAC, OSCP, SSCP or equivalent certification.
* Expert planner with business process definition experience and a strong IT aptitude.
* Working knowledge or willingness to quickly learn the content and requirements of various laws, regulations, industry guidance, and company compliance policies, particularly related to privacy, data disclosure, and cybersecurity.
* Ability to “Zoom Out” (see the big picture and give strategic direction) as well as to “Zoom in” (to provide more granularity when exchanging with a wide range of experts).

**Who we are**

A healthier future drives us to innovate. More than 100,000 employees worldwide work together to advance scientific progress and ensure that everyone has access to healthcare—today and for future generations. Through our commitment, over 26 million people are treated annually with our medicines and more than 30 billion tests are performed annually using our diagnostic products. We encourage one another to explore new possibilities, foster creativity, and set ambitious goals to deliver life-changing health solutions. Together, we can shape a healthier future.

**Roche is an equal opportunity employer.**

Source: Indeed
David Muñoz
Indeed · HR

© 2025 Servanan International Pte. Ltd.