Golar | IT Security Manager

The IT Security Manager is responsible for coordinating and monitoring Golar LNG's IT security initiatives to ensure the confidentiality, integrity, and availability of corporate and operational systems. The role supports the Head of IT in implementing the company's security framework, managing audits, and improving IT processes.

This position works closely with the IT Infrastructure Manager and external partners (including the company's Security Operations Center (SOC)) to maintain a strong and resilient security posture. The role plays a vital part in providing recommendations, coordination, and subject-matter expertise to strengthen overall security maturity.

Key Responsibilities

Security Oversight & Coordination

• Arrange and follow up on results from penetration tests and ensure identified vulnerabilities are tracked to resolution.
• Coordinate ISO 27001 audits, follow up on findings, and ensure closure of actions.
• Oversee and manage the company's relationship with the external Security Operations Center (SOC) - ensuring proper follow-up on incidents, alerts, and reports.
• Support and contribute to the development, maintenance, and testing of Disaster Recovery (DR) and Business Continuity procedures.

Incident Management

• Create, maintain, and continuously improve the IT Security Incident Response Plan (IRP).
• Provide guidance and support to the IT support team on how to identify, handle, and escalate security incidents.
• Take an active coordination role during security incidents, ensuring lessons learned and updates to procedures afterward.

Risk Management

• Coordinate the IT risk management process, including maintenance of the IT risk register and follow-up on mitigation actions.
• Guide IT and business teams on how to perform risk assessments for projects, systems, and suppliers.
• Contribute to periodic risk reporting and improvement plans.

Awareness & Communication

• Follow up on phishing simulation results, analyze trends, and prepare intranet articles or communications to raise awareness.
• Support the rollout of security awareness campaigns and employee training.
• Promote a culture of proactive cybersecurity awareness across departments.

Policies, Standards & Continuous Improvement

• Contribute to the development and regular update of IT security policies, procedures, and guidelines.
• Identify and recommend areas for improvement in the company's IT security posture, and take an active role in implementing approved measures.
• Ensure alignment with industry best practices and standards (e.g., ISO 27001, NIST, IMO, GDPR).

Cross-Functional Collaboration

• Collaborate closely with the IT Infrastructure Manager to align system hardening, patch management, and network security initiatives.
• Provide advice and assistance to the Operations department on IT security considerations related to Operational Technology (OT) environments onboard vessels and at terminals.
• Liaise with vendors and consultants to ensure consistent implementation of security requirements across systems and projects.

Qualifications & Experience

• Bachelor's degree in Information Technology, Computer Science, or equivalent relevant experience.
• Relevant certifications (preferred): ISO 27001 Lead Implementer/Auditor, CISM, CISSP, CompTIA Security+, or equivalent.
• Minimum 2 years of experience in IT security or IT risk management. We're also open to candidates with less experience, as well as recent graduates who show the right motivation and relevant skills.
• Hands-on experience coordinating audits, penetration testing, and incident handling.
• Familiarity with cloud environments (Microsoft 365 / Azure) and SOC services.
• Exposure to OT/industrial control system security or maritime/energy environments is an advantage.
• Strong organizational and follow-up skills.
• Ability to translate technical issues into business language.
• Sound understanding of IT risk management and security frameworks.
• Clear and structured communication style.

Personal Attributes

• Proactive, detail-oriented, and dependable.
• Strong sense of ownership and accountability.
• Collaborative, with the ability to influence without authority.
• Analytical thinker with a continuous improvement mindset.

At Golar LNG, we have a proud history of innovation, serving as groundbreakers in both the FSRU and FLNG segments. We champion LNG as a key transition fuel, both as a companion to renewables and as an enabler of immediate emissions reductions by facilitating a shift away from oil and coal.

We have offices in Oslo, London, Bermuda, Cameroon, Mauritania, Nigeria, and Senegal, where we support our existing fleets and continue to expand our presence in the market.