Manager - Core Security

We are a global technology provider specialized to serve the energy sector and other industries operating critical infrastructure; environments where performance matters, decisions have real consequences, and security is fundamental to trust and continuity.

With a cloud-first strategy built on Microsoft Azure, combined with hybrid and on‑prem environments, we operate in a threat landscape shaped by advanced cyber threats, regulatory pressure, and geopolitical complexity. Security at Cegal is not theoretical. It must work every day in real‑world conditions.

We are establishing a centralized Core Security Department and are now looking for an experienced security Manager to lead and further mature our core security capabilities.

This is a strategic leadership role for someone who combines deep security competence, credible advisory capability, and the ability to build culture, teams, and trust both inside and outside Cegal.

Your mission and responsibilities

As Manager, Core Security, your mission is to establish, lead and continuously mature a central Core Security capability that protects our organization and enables secure operations for customers running critical infrastructure across multiple jurisdictions.

You are accountable for ensuring that security controls are effective, resilient, and operationally embedded, and that they hold up against real threats, not just during audits.

In this role, you will:

• Own and evolve the Core Security strategy in line with business priorities, threat intelligence, and regulatory requirements
• Take technical ownership of security across Azure-first cloud environments, integrated with hybrid and on‑prem infrastructure
• Ensure consistent enforcement of secure configuration baselines, hardening standards, and continuous security posture monitoring
• Drive adoption and operational maturity of Zero Trust architecture, including IAM, MFA, RBAC, and privileged access management
• Ensure strong detection and incident response capabilities, working closely with SOC functions and acting as Incident Commander during major incidents
• Proactively identify risk, exposure, and control gaps, and drive timely, risk-based remediation
• Lead risk, compliance, and governance efforts, ensuring alignment with Sikkerhetsloven, NIS2, GDPR and DORA where applicable
• Maintain continuous audit readiness for ISO/IEC 27001, SOC 2, and customer or regulator-driven audits
• Translate threat intelligence, vulnerabilities, and external exposure into prioritized, actionable security improvements
• Steer and contribute in executive risk and governance forums
• Develop and lead a strong Core Security team, setting high technical standards and fostering accountability, trust, and ownership

Who are you?

We are looking for a manager with:

• Senior leadership experience in cybersecurity, preferably from regulated or critical‑infrastructure environments such as energy, finance, telecom, public sector, or MSP/MSSP
• Strong hands-on expertise in Microsoft Azure security, including Entra ID, Defender, Sentinel, and platform and workload security
• Proven experience securing hybrid environments with consistent, enforceable security controls
• Experience operating across multiple jurisdictions (EU / USA)
• Solid understanding of modern threat landscapes and risk-based security management
• The ability to communicate technical security risk clearly to executives, customers, and regulators
• A relevant senior security certification such as CISSP or CISM
• Eligibility for Norwegian security clearance

Why Cegal?

Cegal is the place for people who want to have an impact! What makes us unique is the combination of deep energy industry expertise, advanced technology and scalable delivery models. What we do can be seen in real-world outcomes and on bottom-lines, not just on powerpoint slides.

While we are big enough to have work with global customers, we are still small enough for you to make a real difference and stand out. With colleagues from 40+ nationalities, diverse perspectives strengthen outcomes and good ideas travel fast.

If you like improving how things are done, you'll have room to do it here. We value people who lean forward, take ownership and create clarity in complex environments. We believe great things happen when we dare to raise the bar for ourselves and each other, driven by our values of accountability, innovation, proactivity and fuss fighting.

This is a direct company recruitment. We will not accept applications or candidates via employment agencies. As a candidate you will need to have a valid working visa for Norway. Cegal does not sponsor visas. For successful candidates, Cegal might ask for consent to perform a background check.

We are growing to become a global nextgen tech company that enables a more sustainable future, by providing specialized cloud operations, software and consulting services to the energy sector.

We aim to be an exciting place to work and great place to grow, professionally and personally. Whether you want to deepen your expertise, explore new roles, or to be a leader, we challenge and support you to achieve your ambitions and increase your impact.

Learn more at www.cegal.com