About the position
Job Description Summary
The Pentest & Purple Team Lead is responsible for conducting and leading penetration testing and purple team engagements to proactively identify vulnerabilities and strengthen Sandoz's security posture. As an individual contributor, the role drives hands-on technical work while influencing security strategy through insights, reporting, and collaboration. Based in Prague, this position works cross-functionally to continuously improve detection, prevention, and response capabilities across the organization.
Job Description
Sandoz continues to go through an exciting and transformative period as a global leader and pioneering provider of sustainable Biosimilar and Generic medicines. As we continue down this new and ambitious path, unique opportunities will present themselves, both professionally and personally. Join us, the future is ours to shape!
What you will do
- Conduct and lead penetration testing engagements across infrastructure, cloud environments and network layers.
- Plan and execute purple team exercises to simulate real-world attack scenarios and improve detection and response capabilities.
- Collaborate closely within wider Security Operations teams to validate security controls and close detection gaps.
- Develop and enhance adversary simulation techniques aligned with current threat intelligence and MITRE ATT&CK frameworks.
- Identify, prioritize, and communicate vulnerabilities with clear remediation guidance and risk impact.
- Produce detailed technical reports, executive summaries, and actionable recommendations for stakeholders.
- Support security incident investigations with offensive expertise, root cause analysis, and attack reconstruction.
- Stay current with emerging threats, tools, and techniques to continuously evolve testing methodologies.
- Contribute to security awareness and knowledge sharing across teams.
Who we are looking for
- Proven hands‑on experience in penetration testing, red teaming, or purple team operations within complex or regulated environments.
- Demonstrated experience working closely with SOC / Blue Teams.
- Strong technical expertise across network security, application security, cloud security, and common attack vectors.
- Strong understanding of common web application vulnerability classes and exploitation techniques, including access control flaws, injections, XSS, SSRF, deserialization, crypto misuse, insecure direct object references, auth/session issues, and business logic vulnerabilities.
- Experience designing and executing adversary simulations and purple team exercises.
- Deep understanding of attack frameworks (e.g., MITRE ATT&CK), kill chain, and detection engineering principles.
- Ability to translate technical findings into business risk and actionable remediation plans.
- Strong proficiency with application testing toolsets such as: Burp Suite, OWASP ZAP, Postman/Insomnia, API fuzzing tools, mobile proxies, and instrumentation.
- Scripting/automation skills (e.g., Python, PowerShell, Bash) to build repeatable tests, proof‑of‑concepts, or automation hooks.
- Familiarity with modern AppSec tooling (at least some of): SAST/DAST/IAST concepts, dependency scanning, secrets scanning, or code queries.
- Strong analytical and problem‑solving skills with a proactive, attacker‑mindset approach.
- Excellent communication skills, with the ability to engage both technical and non‑technical stakeholders.
- Ability to work independently as a senior individual contributor while influencing cross‑functional teams.
Benefits
- Monthly pension contribution matching your individual contribution up to 3% of your gross monthly base salary
- Risk Life Insurance
- 5 weeks of holiday per year (1 week above the Labor Law requirement)
- Cafeteria employee benefit program – choice of benefits from Benefit Plus CZ in the amount of 12,000 CZK per year
- Meal vouchers in the amount of 120 CZK for each working day (full tax covered by company)
- Multisport Card
- Premium Health Care Program
- Car Allowance