Global Lead for Cyber Crisis Readiness and Recovery

at Sandoz

Praha, Praha, Czech

Start Date: Immediate
Expiry Date: 15 Feb, 2025
Salary: Not Specified
Posted On: 18 Nov, 2024
Experience: N/A
Skills: International Standards, Transformation Programs, TOGAF, Computer Science, Architecture Frameworks, GPEN, NIST, Technology, Simulations, Information Technology, Continuous Improvement, Disaster Recovery, Standards Development, SABSA, IT Governance
Telecommute: No
Sponsor Visa: No

Description:

GLOBAL LEAD, CYBER CRISIS READINESS AND RECOVERY

Sandoz is going through an exciting and transformative period as a global leader and pioneering provider of sustainable Generic and Biosimilar medicines.
Now as an independently listed company, Sandoz aims to increase its strategic focus, operate with greater agility, set clearer business objectives, enhance shareholder returns, and strengthen its culture for us, the Sandoz associates. This is an exciting time in our history, and by creating a new and ambitious path, it will provide a unique opportunity for us all, both professionally and personally.
Join us as a Founder of our ‘new’ Sandoz!
The Global Lead for Cyber Crisis Readiness and Recovery is crucial for ensuring strategic and technical preparedness against destructive cyberattacks on Sandoz’s infrastructure or applications. It demands continuous alignment on a 24x7 basis with Security Operations and Infrastructure teams, as well as designing and implementing complex, last-resort recovery solutions. The role has exposure to C-level executives, for example during Cyber Crisis Tabletop Exercises.

MAJOR ACCOUNTABILITIES (DESCRIBE THE MAIN RESULTS OF THE JOB TO BE ACHIEVED)

Design and implement the Cyber Crisis Readiness and Recovery strategies and capabilities within the Information Security Risk Management (ISRM) team to ensure that critical business processes are safeguarded and effectively recovered in case of disruption, and that regulatory requirements are met.
Design and implement Sandoz’s cyber resilience and recovery environment by collaborating with external vendors and internal stakeholders. Develop and implement the Cyber Resilience Playbook at enterprise level as well as individual technology plans and processes for recovering from destructive cyber incidents.
Coordinate efforts to restore systems, networks, and data as part of the Cyber Resilience Playbook after a cyberattack in collaboration with Infrastructure, Application, Disaster Recovery teams and external vendors. Regularly enhance processes as the cyber threat evolves, in alignment with threat-informed defense teams.
Develop and coordinate Cyber Crisis Tabletop Exercises (TTX) to assess the organization’s readiness for major cyber incidents. Define testing scenarios and objectives in collaboration with stakeholders, analyze test results, identify gaps, and recommend enhancements to continuously strengthen the resiliency and recovery of Sandoz.
Design, implement, and globally manage Cyber Crisis Readiness and Recovery standards and processes to identify, monitor, mitigate and report on risks from Operational Recovery, Disaster Recovery and IT Third Parties should a cyber incident occur. Translate risks into a pragmatic roadmap and improvements to the resilience program, including amending related policies, standards and controls.
Support the Global Lead ISRM with risk prioritization, threat identification, and executive reporting up to Sandoz’s leadership, especially regarding Critical Assets and Critical IT Services.

EDUCATION:

  • Master of Science degree or equivalent experience in computer science, engineering or information technology or other relevant field
  • Multiple certifications in offensive security or equivalent experience (e.g., OSCP, GPEN, CRTOP, CPT, CEH)

EXPERIENCE AND SKILLS:

  • Significant experience in technology and cyber security roles, ideally from mature industries like banking, pharma or critical sectors
  • Experience in either Cyber Crisis Management or Operational Recovery / Resilience roles
  • Experience running technical tests, simulations or tabletops in a complex and distributed environment (on-prem, cloud, etc.)
  • Experience running global data protection solutions, operational recovery or disaster recovery in a regulated environment
  • Knowledge of the Business Continuity Institute’s Good Practice Guidelines and / or the International Standards ISO22301, ISO22313, ISO27001, NIST and other relevant standards
  • Experience in IT governance, standards development and risk management / quantification in a regulated environment
  • Strong understanding of Cyber Resilience (NIST 800-160), MITRE Cyber Resilience Engineering Framework (CREF) and Enhanced Control Requirements (NIST 800-172) is a plus
  • Strong skills in evaluating defensive capabilities against adversaries for effective courses of action in cyber risk mitigation
  • Proficient understanding and knowledge of general IT infrastructure technology and systems including Cloud and Operational Technology (OT / Industrial Control Systems)
  • Knowledge of cyber threat modelling techniques and practice
  • Knowledge of enterprise architecture and security architecture frameworks such as TOGAF and SABSA is an advantage
  • Excellent negotiation, communication, and interpersonal skills, with the ability to develop influential relationships at all levels
  • Change management champion with experience in leading teams through large-scale IT change / transformation programs
  • Experienced people leader with the ability to lead and develop diverse teams across geographies
  • An entrepreneurial mindset driven by curiosity, continuous improvement, and interest in technical advancements and trends
  • Strong project management skills with the ability to delegate

Responsibilities:

Please refer to the job description for details.


REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

MSc

Computer science engineering or information technology or other relevant field

Proficient

1

Praha, Czech