Orion

Senior Cybersecurity GRC Specialist

Orion

full-time

Posted on:

Location Type: Hybrid

Location: EspooFinland

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Cyber Security

About the role

  • Develop and operate Orion’s cybersecurity risk management process, including risk identification, assessment, treatment, management reporting, metrics, and effectiveness monitoring
  • Manage and continuously improve the security exception process, including reporting
  • Drive compliance activities against relevant cybersecurity frameworks, standards, and regulatory requirements
  • Operate and further develop the Information Security Management System (ISMS)
  • Maintain, update, and improve cybersecurity policies, instructions, and guidelines
  • Coordinate and support security assessments, audits, and control reviews
  • Provide GRC guidance to internal stakeholders to support informed, risk based decision making
  • Develop and support cybersecurity training and awareness

Requirements

  • Extensive experience in cybersecurity and strong knowledge of security frameworks (e.g. ISO/IEC 27001, NIST)
  • Proven experience in a cybersecurity GRC role
  • Relevant cybersecurity certifications (e.g. ISO 27001 Lead Implementer, CISM, CISSP)
  • Strong hands-on experience in cybersecurity risk management
  • A strong analytical mindset with a proactive approach to security challenges
  • Fluency in English; Finnish is considered an advantage
  • Excellent collaboration and communication skills, a positive can-do attitude, and a strong sense of responsibility
Benefits
  • Our culture of friendliness, respect, mutual appreciation and diversity creates a safe working environment where you can strive for excellence.
  • We offer a wealth of career paths and development opportunities that support the development of innovative solutions and improving the quality of life.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cybersecurity risk managementsecurity frameworksISO/IEC 27001NISTGRCcybersecurity policiessecurity assessmentsauditscontrol reviewscybersecurity training
Soft Skills
analytical mindsetproactive approachcollaborationcommunication skillspositive attitudesense of responsibility
Certifications
ISO 27001 Lead ImplementerCISMCISSP