AGÕæÈË°Ù¼ÒÀÖ

Job Duties and Qualifications

•ÌýÌ� ÌýDesign, implement, and manage Halliburton’s global Security Operations Center strategy, including processes, tools, and team structure.
•ÌýÌ� ÌýProvide 24x7 oversight of security operations across multiple geographic regions and time zones
•ÌýÌ� ÌýCoordinate security monitoring and response activities across regional teams and offices
•ÌýÌ� ÌýDevelop and implement integrated security monitoring solutions that bridge IT and OT environments
•ÌýÌ� ÌýCreate specialized incident response procedures and playbooks for OT security incidents
•ÌýÌ� ÌýEstablish OT-specific security monitoring, detection, and response capabilities
•ÌýÌ� ÌýLead the implementation and integration of security technologies including SIEM, SOAR, EDR, and Threat Intelligence platforms on a global scale
•ÌýÌ� ÌýServe as the primary liaison between the Information Security Organization and our outsourced Security Operations Center vendor, ensuring clear communication and alignment of objectives
•ÌýÌ� ÌýEstablish, monitor, and enforce Service Level Agreements (SLAs) with the outsourced SOC vendor
•ÌýÌ� ÌýDevelop and maintain security monitoring strategies, incident response procedures, and SOC play books that address regional and global requirements
•ÌýÌ� ÌýBuild and mentor the internal security team to complement the outsourced SOC capabilities
•ÌýÌ� ÌýCreate metrics, KPIs, and reporting frameworks to measure both internal and outsourced SOC effectiveness across regions
•ÌýÌ� ÌýManage vendor relationships and ensure outsourced services meet Halliburton’s global security requirements
•ÌýÌ� ÌýFacilitate knowledge transfer between outsourced SOC and internal security teamsÌý
•ÌýÌ� ÌýCollaborate with IT, Legal, and other internal business teams to ensure controls are sufficient and organizational needs are being met.Ìý
•ÌýÌ� ÌýStay current with emerging threats, vulnerabilities, and security trends to continuously enhance global security posture

Requirements:

•ÌýÌ� Ìý12+ years of experience in cybersecurity with 6+ years in SOC leadership roles
•ÌýÌ� ÌýExperience with global security operations and managing teams across multiple geographic regions
•ÌýÌ� ÌýProven experience designing, building, and operating a Security Operations Center
•ÌýÌ� ÌýExperience managing third-party security service providers and vendor relationships
•ÌýÌ� ÌýDeep technical knowledge of SIEM platforms (e.g., Splunk, Azure Sentinel, Palo Alto XSIAM)
•ÌýÌ� ÌýExperience with OT/ICS security monitoring and incident response
•ÌýÌ� ÌýKnowledge of OT protocols (e.g., Modbus, DNP3, OPC UA) and OT security frameworks
•ÌýÌ� ÌýUnderstanding security challenges specific to industrial control systems and SCADA environments
•ÌýÌ� ÌýHands-on experience implementing and managing SOAR, EDR, and Threat Intelligence solutions
•ÌýÌ� ÌýStrong contract and SLA management skills
•ÌýÌ� ÌýStrong understanding of the cyber kill chain, MITRE ATT&CK framework, and threat hunting methodologies
•ÌýÌ� ÌýExperience leading incident response for significant security events on a global scale
•ÌýÌ� ÌýExcellent communications skills with the ability to translate technical concepts for executive audiences
•ÌýÌ� ÌýKnowledge of international security standards and regional regulatory requirements like NIST, ISO, and GDPR
Ìý

Preferred Qualifications:
•ÌýÌ� ÌýBachelor’s or Master’s degree in Computer Science, Information Security, Information Systems, or related field
•ÌýÌ� ÌýIndustry Certifications such as CISSP, CISM, GIAC (GCFA, GCFE, GEIR, GNFA, and/or GCIH)
•ÌýÌ� ÌýOT-specific certifications such as GIAC GICSP, ISA/IEC 62443, or equivalent
•ÌýÌ� ÌýBackground in industrial environments (oil & gas, manufacturing, utilities, etc.)
•ÌýÌ� ÌýExperience integrating IT and OT security operations
•ÌýÌ� ÌýExperience with Cloud Security Monitoring tools
•ÌýÌ� ÌýBackground in threat modeling and risk assessment