Global Lead for Cyber Crisis Readiness and Recovery

Job Description Summary

The Global Lead for Cyber Crisis Readiness and Recovery is crucial for ensuring strategic and technical preparedness against destructive cyberattacks on Sandoz’s infrastructure or applications. It demands continuous alignment on 24x7 basis with Security Operations and Infrastructure teams, as well as designing and implementing complex, last-resort recovery solutions. The role has exposure to C-level executives for example during Cyber Crisis Tabletop Exercises.

 

Job Description

Global Lead, Cyber Crisis Readiness and Recovery

Sandoz is going through an exciting and transformative period as a global leader and pioneering provider of sustainable Generic and Biosimilar medicines.

Now as an independently listed company, Sandoz aims to increase its strategic focus, operate with greater agility, set clearer business objectives, enhance shareholder returns, and strengthen its culture for us, the Sandoz associates. This is an exciting time in our history, and by creating a new and ambitious path, it will provide a unique opportunity for us all, both professionally and personally.

Join us as a Founder of our ‘new’ Sandoz!

The Global Lead for Cyber Crisis Readiness and Recovery is crucial for ensuring strategic and technical preparedness against destructive cyberattacks on Sandoz’s infrastructure or applications. It demands continuous alignment on 24x7 basis with Security Operations and Infrastructure teams, as well as designing and implementing complex, last-resort recovery solutions. The role has exposure to C-level executives for example during Cyber Crisis Tabletop Exercises.

Major Accountabilities (Describe the main results of the job to be achieved)

Design and implement the Cyber Crisis Readiness and Recovery strategies and capabilities within the Information Security Risk Management (ISRM) team to ensure that critical business processes are safeguarded and effectively recovered in case of disruption, and that regulatory requirements are met.

Design and implement Sandoz’s cyber resilience and recovery environment by collabo-rating with external vendors and internal stakeholders. Develop and implement the Cyber Resilience Playbook at enterprise level as well as individual technology plans and pro-cesses for recovering from destructive cyber incidents.

Coordinate efforts to restore systems, networks, and data as part of the Cyber Resilience Playbook after a cyberattack in collaboration with Infrastructure, Application, Disaster Re-covery teams and external vendors. Regularly enhance processes as the cyber threat evolves, in alignment with threat-informed defense teams.

Develop and coordinate Cyber Crisis Tabletop Exercises (TTX) to assess the organiza-tion's readiness for major cyber incidents. Define testing scenarios and objectives in col-laboration with stakeholders, analyze test results, identify gaps, and recommend en-hancements to continuously strengthen the resiliency and recovery of Sandoz.

Design, implement, and manage globally Cyber Crisis Readiness and Recovery standards and processes to identify, monitor, mitigate and report on risks from Operational Recovery, Disaster Recovery and IT Third Parties shall a cyber incident occur. Translate risks into a pragmatic roadmap and improvements to the resilience program, including amending related policies, standards and controls.

Support the Global Lead ISRM with risk prioritization, threat identification, and executive reporting up to Sandoz’ leadership, especially regarding Critical Assets and Critical IT Services

Ideal Background (State the minimum and desirable education and experience level)

Education:

• Master of Science degree or equivalent experience in computer science, engineering or information technology or other relevant field
• Multiple certifications in offensive security or equivalent experience (e.g.: OSCP, GPEN, CRTOP, CPT, CEH)

Languages:                

• Fluent in written and spoken English

Experience and Skills:                              

• Significant experience in technology and cyber security roles ideally from mature industries like banking, pharma or critical sectors.
• Experience in either Cyber Crisis Management or Operational Recovery / Resilience roles
• Experience running technical tests, simulations or tabletops in a complex and distributed environment (on-prem, cloud, etc)
• Experience running global data protection solutions, operational recovery or disaster recovery in a regulated environment
• Knowledge of the Business Continuity Institute’s Good Practice Guidelines and / or the International Standards ISO22301, ISO22313, ISO27001, NIST and other relevant standards
• Experience in IT governance, standards development and risk management / quantification in a regulated environment
• Strong understanding of Cyber Resilience (NIST 800-160), MITRE Cyber Resilience Engineering Framework (CREF) and Enhanced Control Requirements (NIST 800-172) is a plus
• Strong skills in evaluating defensive capabilities against adversaries for effective courses of action in cyber risk mitigation
• Proficient understanding and knowledge of general IT infrastructure technology and systems including Cloud and Operational Technology (OT / Industrial Control Systems)
• Knowledge of cyber threat modelling techniques and practice;
• Knowledge of enterprise architecture and security architecture frameworks such as TOGAF and SABSA is an advantage
• Excellent negotiation, communication, and interpersonal skills ability to develop influential relationships at all levels
• Change management champion with experience in leading teams through large-scale IT change / transformation programs
• Experienced people leader with the ability to lead and develop diverse teams across geographies
• An entrepreneurial mindset driven by curiosity, continuous improvement, and interest in technical advancements and trends.
• Strong project management skills with the ability to delegate

You’ll receive:

Breakdown of benefits received in this role. Include flexible working, learning and development opportunities as well.

Why Sandoz?

Generic and Biosimilar medicines are the backbone of the global medicines industry. Sandoz, a leader in this sector, touched the lives of almost 500 million patients last year and while we are proud of this achievement, we have an ambition to do more!

With investments in new development capabilities, state-of-the-art production sites, new acquisitions, and partnerships, we have the opportunity to shape the future of Sandoz and help more patients gain access to low-cost, high-quality medicines, sustainably.

Our momentum and entrepreneurial spirit is powered by an open, collaborative culture driven by our talented

Join our Sandoz Network:

If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Sandoz and our career opportunities, join the Network here:  Sandoz Talentpool (novartis.com)

 and ambitious colleagues, who, in return for applying their skills experience an agile and collegiate environment with impactful, flexible-hybrid careers, where diversity is welcomed and where personal growth is encouraged! 

The future is ours to shape!

Commitment to Diversity & Inclusion

We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

#Sandoz

 

Skills Desired

Escalation, Information Security Audit, Information Security Risk Management, IT Governance, Sec Ops (Security Operations), Talent Development, Vendor Management