Sandoz
Healthcare
SeniorPentest&PurpleTeamExpert
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Pentest & Purple Team Expert at Sandoz. Skills: Penetration testing, Purple team, Vulnerability management, Threat intelligence. Conduct penetration testing engagements. Lead penetration testing engagements”
What You'll Achieve.
Strengthen security posture; Improve detection capabilities; Improve response capabilities; Close detection gaps; Evolve testing methodologies
Industry & Context.
Analytical skills; Problem-solving skills; Attacker-mindset approach; Root cause analysis
What They're Looking For.
Must Have
Hands-on experience in penetration testing, Experience working closely with SOC / Blue Teams, Technical expertise across network security, Technical expertise across application security, Technical expertise across cloud security, Technical expertise across common attack vectors, Understanding of common web application vulnerability classes, Understanding of exploitation techniques, Experience designing adversary simulations, Experience executing purple team exercises, Deep understanding of attack frameworks, Deep understanding of kill chain, Deep understanding of detection engineering principles, Ability to translate technical findings into business risk, Ability to translate technical findings into actionable remediation plans, Proficiency with application testing toolsets, Scripting/automation skills, Analytical and problem-solving skills, Attacker-mindset approach, Excellent communication skills, Ability to engage technical stakeholders, Ability to engage non-technical stakeholders, Ability to work independently, Ability to influence cross-functional teams
Nice to Have
Experience in complex or regulated environments, Experience with MITRE ATT&CK frameworks, Familiarity with modern AppSec tooling, Familiarity with SAST/DAST/IAST concepts, Familiarity with dependency scanning, Familiarity with secrets scanning, Familiarity with code queries
What You'll Do.
Conduct penetration testing engagements
Lead penetration testing engagements
Plan purple team exercises
Execute purple team exercises
Simulate real-world attack scenarios
Improve detection capabilities
Improve response capabilities
Collaborate with Security Operations teams
Validate security controls
Develop adversary simulation techniques
Enhance adversary simulation techniques
Align techniques with threat intelligence
Align techniques with MITRE ATT&CK frameworks
Identify vulnerabilities
Prioritize vulnerabilities
Communicate vulnerabilities
Provide remediation guidance
Produce technical reports
Produce executive summaries
Produce actionable recommendations
Support security incident investigations
Provide offensive expertise
Perform root cause analysis
Perform attack reconstruction
Stay current with emerging threats
Stay current with emerging tools
Stay current with emerging techniques
Evolve testing methodologies
Contribute to security awareness
Contribute to knowledge sharing
How You'll Work.
Team & Collaboration
Wider Security Operations teams; Cross-functional teams; Technical stakeholders; Non-technical stakeholders
Communication Scope
Technical reports; Executive summaries; Actionable recommendations
Full Job Description
**Job Description Summary** The Pentest & Purple Team Lead is responsible for conducting and leading penetration testing and purple team engagements, to proactively identify vulnerabilities and strengthen Sandoz security posture. As an individual contributor, the role drives hands on technical work while influencing security strategy through insights, reporting, and collaboration. Based in Prague, this position works cross functionally to continuously improve detection, prevention, and response capabilities across the organization. **Job Description** Sandoz continues to go through an exciting and transformative period as a global leader and pioneering provider of sustainable Biosimilar and Generic medicines. As we continue down this new and ambitious path, unique opportunities will present themselves, both professionally and personally. Join us, the future is ours to shape! **Your Key Responsibilities** * Conduct and lead penetration testing engagements across infrastructure, cloud environments and network layers. * Plan and execute purple team exercises to simulate real-world attack scenarios and improve detection and response capabilities. * Collaborate closely within wider Security Operations teams to validate security controls and close detection gaps. * Develop and enhance adversary simulation techniques aligned with current threat intelligence and MITRE ATT&CK frameworks. * Identify, prioritize, and communicate vulnerabilities with clear remediation guidance and risk impact. * Produce detailed technical reports, executive summaries, and actionable recommendations for stakeholders. * Support security incident investigations with offensive expertise, root cause analysis, and attack reconstruction. * Stay current with emerging threats, tools, and techniques to continuously evolve testing methodologies. * Contribute to security awareness and knowledge sharing across teams. **** **What you’ll bring to the role:** * Proven hands‑on experience in penetration testing
Applying for this Senior Pentest & Purple Team Expert role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Sandoz?
Real rants from real employees. Read before you apply.