Koho hledáme
- Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- 5–10 years of experience in cybersecurity, ideally in cyber resilience, cyber recovery, incident response, or crisis management.
- Proven experience designing and implementing cyber resilience and recovery strategies in a complex enterprise environment.
- Strong understanding of cyber crisis management, disaster recovery, and business continuity practices.
- Excellent stakeholder management and communication skills, with the ability to work effectively with C-level executives.
- Experience leading or facilitating cyber crisis simulations, tabletop exercises (TTX), and recovery planning activities.
- Strong analytical and problem-solving skills, with the ability to operate effectively under pressure and during critical incidents.
- Professional proficiency in English (written and spoken).
Co budeš dělat
- Design and implement the Cyber Crisis Readiness and Recovery strategies and capabilities within the Information Security Resilience and Compliance (ISRC) team to ensure that critical business processes are safeguarded and effectively recovered in case of disruption, and that regulatory requirements are met.
- Design and implement Sandoz’s cyber resilience and recovery environment by collaborating with external vendors and internal stakeholders.
- Develop and implement the Cyber Resilience Playbook at enterprise level as well as individual technology plans and processes for recovering from destructive cyber incidents.
- Coordinate efforts to restore systems, networks, and data as part of the Cyber Resilience Playbook after a cyberattack in collaboration with Infrastructure, Application, Disaster Recovery teams and external vendors.
- Regularly enhance processes as the cyber threat evolves, in alignment with threat-informed defense teams.
- Develop and coordinate Cyber Crisis Tabletop Exercises (TTX) to assess the organization's readiness for major cyber incidents.
- Define testing scenarios and objectives in collaboration with stakeholders, analyze test results, identify gaps, and recommend enhancements to continuously strengthen the resiliency and recovery of Sandoz.
- Design, implement, and manage globally Cyber Crisis Readiness and Recovery standards and processes to identify, monitor, mitigate and report on risks from Operational Recovery, Disaster Recovery and IT Third Parties shall a cyber incident occur.
- Translate risks into a pragmatic roadmap and improvements to the resilience program, including amending related policies, standards and controls.
- Support the Global ISRC with risk prioritization, threat identification, and executive reporting up to Sandoz’ leadership, especially regarding Critical Assets and Critical IT Services.
O pozici
The Global Lead for Cyber Crisis Readiness and Recovery is crucial for ensuring strategic and technical preparedness against destructive cyberattacks on Sandoz’s infrastructure or applications. It demands continuous alignment on 24x7 basis with Security Operations and Infrastructure teams, as well as designing and implementing complex, last-resort recovery solutions. The role has exposure to C-level executives for example during Cyber Crisis Tabletop Exercises.
Benefity
- Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary
- Risk Life Insurance
- 5-week holiday per year (1 week above the Labor Law requirement)
- Cafeteria employee benefit program – choice of benefits from Benefit Plus CZ in the amount of 12,000 CZK per year
- Meal vouchers in amount of 120 CZK for each working day (full tax covered by company)
- Multisport Card
- Premium Health Care Program
- Car Allowance