Public Key Infrastructure - Junior Engineer
About this role
At Roche you can show up as yourself, embraced for the unique qualities you bring. Our culture encourages personal expression, open dialogue, and genuine connections, where you are valued, accepted and respected for who you are, allowing you to thrive both personally and professionally. This is how we aim to prevent, stop and cure diseases and ensure everyone has access to healthcare today and for generations to come. Join Roche, where every voice matters.
The Position
At the heart of our digital security is the trust we build through encrypted communication. As a
PKI Engineer, you will join our Identity and Access Management (IAM) team to help manage the core certificate infrastructure. You’ll be instrumental in ensuring that our digital certificates are issued, tracked, and renewed without a hitch. This is a growth-oriented role where you will learn to navigate complex security infrastructures while contributing to the automation of high-volume security tasks.
Job Responsibilities
Scope
Support the day-to-day administration of Microsoft Active Directory Certificate Services (AD CS), including basic template management and standard troubleshooting.
Use Keyfactor Command to monitor certificate health, identify expiring assets, and assist in bringing untracked certificates into compliance.
Support the deployment of ACME clients (like Certbot) for automated certificate issuance across web server environments.
Participate in the automation of routine certificate tasks using Version Control systems and scripting as required (PowerShell or Python).
Collaborate with senior engineers to orchestrate certificate distribution to load balancers, firewalls, and application servers.
Impact/Strategy
Collaborate in the automation of routine certificate tasks using basic scripting (PowerShell or Python) and maintain scripts using version control systems.
Assist in maintaining team internal wikis, standard operating procedures, and runbooks for certificate lifecycle management.
Collaborate with senior engineers to route, distribute, and install certificates to load balancers, firewalls, and application servers
.
Complexity
Focuses primarily on executing defined procedures, troubleshooting routine issues, and escalating complex anomalies to senior team members.
Contributes to team agility by identifying operational inefficiencies and proposing minor process improvements within immediate daily tasks.
Demonstrates growing autonomy within the specific domain by translating daily requirements into structured tasks under direct supervision.
Business/Technical ability
Possesses a working knowledge of the relevant business domain and supporting technologies
Understands sources of influence, comprehending internal and external factors affecting the problem space, and is capable of identifying and analyzing basic business problems or opportunities holistically
Requirements
- Education / Experience
- Experience: 1–2 years of experience in an IT Helpdesk, Systems Administration, or junior Security Operations (SOC) role. An internship focused on infrastructure or security is highly valued.
- Education: Bachelor’s Degree in Computer Science, Cyber Security, or equivalent practical experience.
- Working knowledge of relevant business domains and supporting cybersecurity technologies
- Demonstrated ability to independently handle defined tasks and contribute to various stages of the security and business analysis lifecycle
-
- Technical Skills
- Understanding of Zero Trust principles, authentication factors and cryptography.
- A solid understanding of cryptography basics (Symmetric vs. Asymmetric, Hashing, Digital Signatures).
- Experience with Windows Server and Active Directory. Exposure to web servers like IIS, Apache, or Nginx. Comfortable using Git for basic file management and collaboration.
- Knowledge of the ACME protocol or experience using tools like Certbot.
- Familiarity with PowerShell or Python for automating repetitive tasks.
- Familiarity with Git for version control and basic exposure to scripting (PowerShell, Bash, or Python) for automating repetitive tasks.
- Communication skills to collaborate effectively within Agile/cross-functional teams, with a structured approach to problem-solving.
- Eagerness to learn and a desire to work toward foundational certifications like CompTIA Security+ or Microsoft SC-300.
-
- Additional Qualifications
- A mindset of continuous improvement with a proactive approach to identifying solution-level issues, gaps, or inefficiencies
- Strong analytical and logical reasoning skills to identify discrepancies, challenge assumptions, and confidently present solutions
About Roche
A healthier future drives us to innovate. Together, more than 100’000 employees across the globe are dedicated to advance science, ensuring everyone has access to healthcare today and for generations to come. Our efforts result in more than 26 million people treated with our medicines and over 30 billion tests conducted using our Diagnostics products. We empower each other to explore new possibilities, foster creativity, and keep our ambitions high, so we can deliver life-changing healthcare solutions that make a global impact. Let’s build a healthier future, together. Roche is an Equal Opportunity Employer.