Principal Threat Hunter

Novartis


Job ID

392990BR

About the role

Sandoz is going through an exciting and transformative period as a global leader and pioneering provider of sustainable Generic and Biosimilar medicines.

Now as an independently listed company, Sandoz aims to increase its strategic focus, operate with greater agility, set clearer business objectives, enhance shareholder returns, and strengthen its culture for us, the Sandoz associates. This is an exciting time in our history, and by creating a new and ambitious path, it will provide a unique opportunity for us all, both professionally and personally.

Join us as a Founder of our ‘new’ Sandoz!

As part of the Sandoz Security Operations team, the Principal Threat Hunter will ensure that the organization performs the necessary steps to investigate the company’s environment against the relevant industry threats. The position is responsible for analyzing and correlating large data sets to uncover novel threats and attack techniques that may be present within the company’s environments. A Principal Threat Hunter will also be tasked with collaborating with SOC, Cyber Forensics, CTI, SOAR, Vulnerability Management and other cybersecurity teams to identify opportunities to develop analytical methods to detect advanced threat actors who utilize emerging tactics and techniques. In support of these processes, the role will also include developing and documenting new and innovative threat hunt hypotheses to increase the team's ability to find existing threats that are otherwise going unidentified or unnoticed. The role will also be expected to actively share knowledge and mentor more junior SOC members.

Your Key Responsibilities:

Your responsibilities include, but are not limited to:

  • Perform regular Threat Hunts based on the information provided by other cybersecurity functions.
  • Develop valuable hunt strategies.
  • Uncover new threats, TTPs and vulnerabilities.
  • Support the development, implementation, and continuous improvement of the Threat Hunting Process.
  • Perform intel-based, hypothesis-based and custom hunts.
  • Cooperate with external vendors to gain critical insight into the tactics used by attackers in the industry.
  • Work with SOC, CTI and Vulnerability Management Teams to secure the company’s systems against identified threats.
  • Perform threat modelling for applications and infrastructure.
  • Identify internal risks from both a technical and a process standpoint (internal threats, DLP issues, PII protection).
  • Share security knowledge by contributing to the Knowledge Base and cybersecurity best practices.

Position Title

Principal Threat Hunter

Role Requirements

What you’ll bring to the role:

  • Direct experience performing threat hunting in an active corporate environment.
  • 6 to 8 years of experience in a technical role in the areas of Security Operation, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
  • Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.
  • Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk, Python, Pandas, SQL, Hadoop, Hue.
  • Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
  • Ability to apply Cyber Threat Intelligence through enrichment, correlation, and attribution
  • Familiarity with offensive security strategies and assessment methodology
  • Experience explaining threat hunt objectives in plain English and the ability to communicate associated risk.
  • Ability to see the larger picture when dealing with competing requirements and needs from across the organization in order to build consensus and drive results.
  • Ability to navigate and work effectively across a complex, geographically dispersed organization.
  • Knowledge of kill-chain model, ATT&CK framework, and modern penetration testing techniques

Why Sandoz?

Generic and Biosimilar medicines are the backbone of the global medicines industry. Sandoz, a leader in this sector, touched the lives of almost 500 million patients last year and while we are proud of this achievement, we have an ambition to do more!

With investments in new development capabilities, state-of-the-art production sites, new acquisitions, and partnerships, we have the opportunity to shape the future of Sandoz and help more patients gain access to low-cost, high-quality medicines, sustainably.

Our momentum and entrepreneurial spirit are powered by an open, collaborative culture driven by our talented and ambitious colleagues, who, in return for applying their skills, experience an agile and collegiate environment with impactful, flexible-hybrid careers, where diversity is welcomed and where personal growth is encouraged!

The future is ours to shape!

Join our Sandoz Network: If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Sandoz and our career opportunities, join the Network here: Sandoz Talentpool (novartis.com)

#Sandoz

Job Type

Full Time

Country

Poland

Work Location

Warszawa

Functional Area

Technology Transformation

Division

SANDOZ

Business Unit

NON-NVS TSA TECHNOLOGY SZ

Employment Type

Regular

Company/Legal Entity

Sandoz Polska Sp. z o.o.

Commitment to Diversity & Inclusion:

We are committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Shift Work

No

Early Talent

No

Alternative Country 1

Czech Republic

Confirmed 15 hours ago. Posted 30+ days ago.