WHAT WE OFFER

We offer an exciting opportunity to learn about pharmaceutical industry where data and AI have a great impact to the future of the business and to patients.
At Orion, your work creates true impact and well-being for our customers, patients and society at large. Our culture of friendliness, respect, mutual appreciation and diversity creates a safe working environment where you can strive for excellence. We offer a wealth of career paths and development opportunities that support the development of innovative solutions and improving the quality of life.
Please visit our website to find further information about our values and Orion as an employer https://www.orion.fi/en/careers/orion-as-an-employer/.

OUR EXPECTATIONS

We are looking for a person who is a goal-oriented, strategic thinking with strong leadership skills. You have proven ability to motivate teams to achieve the goals. You also possess strong change management and the ability to effectively drive discussions and decisions toward desired results. It includes overseeing and establishing IT systems and services to minimize human errors, and lead the communication of security awareness and knowledge, with high energy and skill to positively encourages others.

• Demonstrated experience and success in leadership and operational roles in risk management, cybersecurity, and IT or OT security
• Knowledge of common information security management frameworks, such as ISO/IEC 27001 and ITIL as well as those from NIST
• Sound knowledge of business management and a working knowledge of cybersecurity risk management, cybersecurity technologies and trends
• Excellent communication skills, interpersonal and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists
• Ability to lead and motivate the cybersecurity team to achieve tactical and strategic goals, even when only “dotted” reporting lines exist
• Business acumen and an understanding of the organization’s risk profile
• Ability to develop and implement security strategies that are aligned with the organization’s business goals
• Experience in manufacturing industry
• Ability to enable and accelerate secure and agile utilization of digitalization, data and AI across the company: in operations, in supply chain, in customer engagement and in R&D.

HOW TO APPLY AND ADDITIONAL INFORMATION

Are you the person we are looking for? Please send your CV and application by 15 April 2025.
For more information, please contact Sinikka Markkula +358 50 966 3777. Contacting hours: 3rd April between 8-9 and 14th April between 15-16.30 (EET).
We typically review applications already during the application period and may start interviewing candidates before the application deadline. Therefore, we invite you to send your application as soon as possible.

UNIT DESCRIPTION

Orion Information Management (IM) employs +80 people, of which approximately two thirds are in Espoo. Other locations are Turku, Kuopio, Hanko, Mumbai, and Nottingham. We support Orion’s business in achieving its strategic targets not only by ensuring the availability of IT services but also by constantly looking for new innovations to match the current and future business needs

ABOUT YOUR ROLE

We are looking for a Chief Information Security Officer (CISO) who combines strategic vision, leadership skills, flexibility and perseverance. The CISO is responsible for providing a vision to the organization on how the company’s information assets and technologies should be protected from both physical and digital points of view. This role’s influence extends across critical domains within the Orion organization and stands as the sentinel of digital fortifications.
A key element of the CISO’s role is working with executive management to determine acceptable levels of risk for the organization. CISO will proactively work with business units and ecosystem partners to implement practices that meet agreed-on policies and standards for cybersecurity. CISO works effectively with business units to facilitate cybersecurity risk assessment and risk management processes and empowers them to make the right decisions that fall within the risk appetite of their organization. The CISO should understand and articulate the impact of cybersecurity on business, and be able to communicate this to the board of directors and other senior stakeholders.

YOUR KEY RESPONSIBILITIES

The key tasks and responsibilities for this role are:

• Develops a cyber security strategy and objectives aligned with business objectives
• Leads cyber security roadmap development and implementation
• Determines acceptable risk levels with executive management
• Facilitates metrics and reporting to measure the efficiency and effectiveness of the cyber security actions
• Develops and maintains Orion Information Security framework
• Defines Orion’s security awareness and training program
• Provides insight and leads Orion’s approach of implementation of government and industry regulations
• Leads Cyber security and IT risk management process
• Leads the cybersecurity function across the company
• Overseeing the safety of development of new and existing services
• Builds alignment between the security and IT architectures
• Builds and nurtures external networks
• Staying up-to-date with the latest security technologies and trends, and implementing appropriate security solutions to protect the organization’s data and systems
• Owns the IT recovery capability ensuring business continuity and compliance