Independent consultant · Switzerland

Johan Rocher

Medical Software · Regulatory Compliance · Product Cybersecurity

Senior embedded software engineer, more than ten years in connected medical devices. I work as an independent consultant on device software development, IEC 62304 documentation and product cybersecurity compliance, from one-off audits to a recurring lead role.

Available. On site in western Switzerland or remote, in French and English.

10+ yearsin connected medical devices
CE & FDAsoftware files brought to submission
CTOco-founder of Alsensia SA, Lausanne

Services

Software file audit

2 to 3 days

Assessment of the software file against IEC 62304: gaps, risks, prioritized action plan. Ahead of an audit or a submission.

Design control remediation

5 to 10 days

Bringing documentation up to standard: plans, SOUP, traceability, risk analysis, cybersecurity. For the notified body.

Recurring role

2 to 6 days per month

Software and regulatory lead within your team: architecture, reviews, mentoring, regulatory and cybersecurity strategy.

Rates on request. First 20 minute call, no commitment.

Expertise

Regulatory & quality

  • IEC 62304 class A to C
  • ISO 13485 · design control DHF · traceability
  • MDR 2017/745 · FDA strategy & submission
  • ISO 14971 risk analysis
  • Technical documentation complete software file
  • Audit preparation notified body

Product cybersecurity

  • Threat modeling cybersecurity risk analysis
  • Secure boot signed boot chain
  • Code signing integrity · dm-verity
  • OTA updates secure, field-deployed
  • Cyber requirements MDR · FDA premarket
  • Secure communications encryption · protocols

Software engineering

  • Embedded Linux · Yocto BSP · kernel drivers
  • RTOS Zephyr · FreeRTOS
  • Microcontrollers STM32 · NXP i.MX · ESP32
  • C · C++ · Python · Rust plus Qt for interfaces
  • Connectivity BLE · Wi-Fi · Azure cloud
  • CI/CD GitLab · Jenkins · automated testing

Background

  • Today
    Independent consultant · Caducia

    Medical software, regulatory compliance and product cybersecurity, in Switzerland and remotely.

  • In parallel
    Co-founder & CTO · Alsensia SA

    VR biofeedback device for practitioners, developed at EPFL Innovation Park, Lausanne.

  • 2023 · 2026
    Principal Engineer & Cybersecurity Officer · EMS Electro Medical Systems, Nyon

    Software architecture across the product range, embedded Linux platforms, secure boot and OTA, cybersecurity strategy for MDR and FDA registrations.

  • 2019 · 2023
    Embedded software engineer · EMS Electro Medical Systems, Nyon

    Urology and pain therapy devices: firmware, embedded Linux, complete IEC 62304 and ISO 13485 documentation.

  • 2014 · 2019
    R&D engineer · bioMérieux, Lyon

    IVD device firmware, cloud connectivity, verification and validation, coordination of international teams.

  • Education
    Master of Engineering · Grenoble INP Esisar

    Embedded systems and automation, 2013.

I have been building connected medical devices since 2014, from kernel drivers to the user interface, and taking them to CE marking and FDA clearance.

An embedded engineer by training, I have sat on both sides of the table: the one writing the code, and the one answering the auditor.

Saint-Prex · Vaud French · English On site or remote

Contact

A first 20 minute call, no commitment, to assess your need and see whether I can help.

Send an email
j.rocher@caducia.ch +41 78 336 10 15 LinkedIn Saint-Prex · Switzerland