Product Security expert ensuring secure software development at NETGEAR. Championing security practices and monitoring vulnerabilities while collaborating with development teams.
About the role
- Senior Cybersecurity GRC Specialist shaping Orion Pharma's cybersecurity governance, risk management, and compliance. Engaging with teams to enhance security posture and meet regulatory standards.
Responsibilities
- Develop and operate Orion’s cybersecurity risk management process, including risk identification, assessment, treatment, management reporting, metrics, and effectiveness monitoring
- Manage and continuously improve the security exception process, including reporting
- Drive compliance activities against relevant cybersecurity frameworks, standards, and regulatory requirements
- Operate and further develop the Information Security Management System (ISMS)
- Maintain, update, and improve cybersecurity policies, instructions, and guidelines
- Coordinate and support security assessments, audits, and control reviews
- Provide GRC guidance to internal stakeholders to support informed, risk based decision making
- Develop and support cybersecurity training and awareness
Requirements
- Extensive experience in cybersecurity and strong knowledge of security frameworks (e.g. ISO/IEC 27001, NIST)
- Proven experience in a cybersecurity GRC role
- Relevant cybersecurity certifications (e.g. ISO 27001 Lead Implementer, CISM, CISSP)
- Strong hands-on experience in cybersecurity risk management
- A strong analytical mindset with a proactive approach to security challenges
- Fluency in English; Finnish is considered an advantage
- Excellent collaboration and communication skills, a positive can-do attitude, and a strong sense of responsibility
Benefits
- Our culture of friendliness, respect, mutual appreciation and diversity creates a safe working environment where you can strive for excellence.
- We offer a wealth of career paths and development opportunities that support the development of innovative solutions and improving the quality of life.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
System Architect driving secure cloud - native applications using cutting - edge technologies for Product Security at Nokia. Leading AI - driven design and architecture with collaboration across global teams.
Cyber Security Engineer protecting data from threats in a fintech startup. Collaborating with the Information Security Team and implementing security controls for technical projects.
Junior Security Incident Responder in an innovative IT service company protecting clients against cyber threats. Collaborating with teams to enhance IT security and respond to incidents.
Security Incident Responder managing IT security incidents in the Security Operations Center, analyzing threats and coordinating responses effectively for clients' safety.
Senior Security Engineer developing and enhancing security infrastructure for Bank Frick, a pioneer in blockchain banking. Responsible for managing security processes and collaborating with IT teams.
Werkstudent Cyber Security bei Wavestone, Unterstützung im IT - Consulting und Entwicklung im Bereich Cyber - Sicherheit. Analyse von Trends und aktive Teilnahme an Teamaktivitäten.
Project Manager for Security Technology managing complex security projects in MENA region. Involving internal teams and external integrators ensuring project success and client satisfaction.
Cyber Security Manager at British American Tobacco strengthening cyber resilience across Western Europe. Responsible for managing security initiatives and collaborating with regional teams.
Stagiaire responsable de l’accompagnement à la mise en place d’un système SSE pour un bureau d’études en ingénierie. Impliqué dans la structuration, suivi et déploiement de systèmes SSE.