Sandoz
Healthcare
SeniorPentest&PurpleTeamExpert
“Senior Pentest & Purple Team Expert at Sandoz. Skills: Penetration testing, Purple team, Vulnerability management, Threat intelligence. Conduct penetration testing engagements. Lead penetration testing engagements”
What You'll Achieve.
Strengthen security posture; Improve detection capabilities; Improve response capabilities; Close detection gaps; Evolve testing methodologies
Industry & Context.
Analytical skills; Problem-solving skills; Attacker-mindset approach; Root cause analysis
What They're Looking For.
Must Have
Hands-on experience in penetration testing, Experience working closely with SOC / Blue Teams, Technical expertise across network security, Technical expertise across application security, Technical expertise across cloud security, Technical expertise across common attack vectors, Understanding of common web application vulnerability classes, Understanding of exploitation techniques, Experience designing adversary simulations, Experience executing purple team exercises, Deep understanding of attack frameworks, Deep understanding of kill chain, Deep understanding of detection engineering principles, Ability to translate technical findings into business risk, Ability to translate technical findings into actionable remediation plans, Proficiency with application testing toolsets, Scripting/automation skills, Analytical and problem-solving skills, Attacker-mindset approach, Excellent communication skills, Ability to engage technical stakeholders, Ability to engage non-technical stakeholders, Ability to work independently, Ability to influence cross-functional teams
Nice to Have
Experience in complex or regulated environments, Experience with MITRE ATT&CK frameworks, Familiarity with modern AppSec tooling, Familiarity with SAST/DAST/IAST concepts, Familiarity with dependency scanning, Familiarity with secrets scanning, Familiarity with code queries
What You'll Do.
Conduct penetration testing engagements
Lead penetration testing engagements
Plan purple team exercises
Execute purple team exercises
Simulate real-world attack scenarios
Improve detection capabilities
Improve response capabilities
Collaborate with Security Operations teams
Validate security controls
Develop adversary simulation techniques
Enhance adversary simulation techniques
Align techniques with threat intelligence
Align techniques with MITRE ATT&CK frameworks
Identify vulnerabilities
Prioritize vulnerabilities
Communicate vulnerabilities
Provide remediation guidance
Produce technical reports
Produce executive summaries
Produce actionable recommendations
Support security incident investigations
Provide offensive expertise
Perform root cause analysis
Perform attack reconstruction
Stay current with emerging threats
Stay current with emerging tools
Stay current with emerging techniques
Evolve testing methodologies
Contribute to security awareness
Contribute to knowledge sharing
How You'll Work.
Team & Collaboration
Wider Security Operations teams; Cross-functional teams; Technical stakeholders; Non-technical stakeholders
Communication Scope
Technical reports; Executive summaries; Actionable recommendations
Applying for this Senior Pentest & Purple Team Expert role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Sandoz?
Real rants from real employees. Read before you apply.