Senior Cybersecurity Analyst

Position Summary

The Senior Cybersecurity Analyst plays a critical role in advancing Chord Energy’s cybersecurity posture by leading complex security initiatives, conducting in-depth threat analysis, and driving continuous improvement of security operations. This role serves as a technical expert and escalation point for security incidents, collaborates with cross-functional teams to implement advanced security controls, and ensures alignment with industry best practices and regulatory requirements. This position is located in downtown Houston. Level and salary commensurate with experience.

Essential Job Functions

- Lead advanced threat detection, analysis, and response efforts across corporate, SCADA, mobile, and cloud environments

- Serve as a technical escalation point for complex security incidents and investigations

- Conduct proactive threat hunting and develop detection use cases in collaboration with SOC partners

- Develop and refine security playbooks, incident response procedures, and forensic analysis workflows

- Collaborate with IT teams to integrate security into infrastructure and application designs

- Evaluate and recommend advanced security tools and technologies; contribute to budget planning

- Lead risk assessments and penetration testing efforts, identifying vulnerabilities across environments and coordinating remediation in alignment with industry standards

- Assess and coordinate risk of third-party technologies as they relate to Company IT systems and data (Software-as-a-Service, Infrastructure-as-a-Services, consulting, new software and hardware solutions, etc.)

- Develop and maintain security metrics and dashboards for executive reporting and continuous improvement

- Support compliance efforts by aligning controls with SOX, NIST, and other regulatory frameworks

- Mentor junior analysts and contribute to knowledge sharing within the security team

- Facilitate collaborative security simulations and tabletop exercises designed to validate incident response, remediation, and recovery capabilities across IT systems and data environments

- Drive automation and orchestration of security operations, leveraging tools like SOAR, SIEM, and AI/ML-based threat detection

- Maintain and enhance endpoint, network, and cloud security configurations and monitoring

- Assist in the development and enforcement of security policies, standards, and procedures

- Lead the company’s security awareness and training program, providing guidance to business units and conducting remedial education on secure practices as needed

- Ability to work in a fast-paced and fluid environment; flexible with the demands of a growing company

- On call rotation

This job description is not intended to be an all-inclusive list of duties and responsibilities of the position. Incumbents will be required to follow any other job-related instructions and duties outside of their normal responsibilities as assigned by their supervisor.

Minimum Qualifications

- Bachelor’s Degree in Information Security, Computer Science, or related field (or equivalent experience)

- 8+ years of progressive experience in cybersecurity operations, including hands-on threat detection, incident response, vulnerability management, and security monitoring

- Proven experience with cloud security (AWS, Azure, GCP), SCADA/IOT environments, and hybrid infrastructure

- Demonstrated experience conducting incident postmortems and root cause analysis for significant security events, with the ability to document findings and drive improvements

- Strong knowledge of security technologies (SIEM, IDS/IPS, IAM, PKI, DLP, etc.)

- Demonstrated experience with enterprise-grade security platforms such as CrowdStrike Falcon and Microsoft Defender for Endpoint/Sentinel

- Extensive experience working with managed detection and response (MDR) services like Arctic Wolf, including working with external SOC teams and interpreting threat intelligence reports

- Solid understanding of regulatory frameworks (SOX, NIST, CIS, etc.)

- Proficient in scripting or automation (e.g., PowerShell, Python) for security operations

- Strong knowledge of network architecture, firewalls, IDS/IPS, and secure coding practices

- Strong analytical, communication, and documentation skills

- Project leadership experience on security initiatives

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Preferred Qualifications

- Relevant certifications (e.g., CISSP, GCIA, GCIH, CEH, Azure Security Engineer, AWS Certified Security – Specialty)

- Experience in upstream Oil & Gas environments

- Understanding of SCADA/IOT security principles and industrial control systems

- Familiarity with MITRE ATT&CK framework and threat intelligence platforms

EEO Statement:

Chord Energy does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor.