Job description: Job Duties and Qualifications
• Design, implement, and manage Halliburton’s global Security Operations Center strategy, including processes, tools, and team structure.
• Provide 24x7 oversight of security operations across multiple geographic regions and time zones
• Coordinate security monitoring and response activities across regional teams and offices
• Develop and implement integrated security monitoring solutions that bridge IT and OT environments
• Create specialized incident response procedures and playbooks for OT security incidents
• Establish OT-specific security monitoring, detection, and response capabilities
• Lead the implementation and integration of security technologies including SIEM, SOAR, EDR, and Threat Intelligence platforms on a global scale
• Serve as the primary liaison between the Information Security Organization and our outsourced Security Operations Center vendor, ensuring clear communication and alignment of objectives
• Establish, monitor, and enforce Service Level Agreements (SLAs) with the outsourced SOC vendor
• Develop and maintain security monitoring strategies, incident response procedures, and SOC playbooks that address regional and global requirements
• Build and mentor the internal security team to complement the outsourced SOC capabilities
• Create metrics, KPIs, and reporting frameworks to measure both internal and outsourced SOC effectiveness across regions
• Manage vendor relationships and ensure outsourced services meet Halliburton’s global security requirements
• Facilitate knowledge transfer between outsourced SOC and internal security teams
• Collaborate with IT, Legal, and other internal business teams to ensure controls are sufficient and organizational needs are being met.
• Stay current with emerging threats, vulnerabilities, and security trends to continuously enhance global security posture
Requirements:
• 12+ years of experience in cybersecurity with 6+ years in SOC leadership roles
• Experience with global security operations and managing teams across multiple geographic regions
• Proven experience designing, building, and operating a Security Operations Center
• Experience managing third-party security service providers and vendor relationships
• Deep technical knowledge of SIEM platforms (e.g., Splunk, Azure Sentinel, Palo Alto XSIAM)
• Experience with OT/ICS security monitoring and incident response
• Knowledge of OT protocols (e.g., Modbus, DNP3, OPC UA) and OT security frameworks
• Understanding of security challenges specific to industrial control systems and SCADA environments
• Hands-on experience implementing and managing SOAR, EDR, and Threat Intelligence solutions
• Strong contract and SLA management skills
• Strong understanding of the cyber kill chain, MITRE ATT&CK framework, and threat hunting methodologies
• Experience leading incident response for significant security events on a global scale
• Excellent communication skills with the ability to translate technical concepts for executive audiences
• Knowledge of international security standards and regional regulatory requirements like NIST, ISO, and GDPR
Preferred Qualifications:
• Bachelor’s or Master’s degree in Computer Science, Information Security, Information Systems, or related field
• Industry Certifications such as CISSP, CISM, GIAC (GCFA, GCFE, GEIR, GNFA, and/or GCIH)
• OT-specific certifications such as GIAC GICSP, ISA/IEC 62443, or equivalent
• Background in industrial environments (oil & gas, manufacturing, utilities, etc.)
• Experience integrating IT and OT security operations
• Experience with Cloud Security Monitoring tools
• Background in threat modeling and risk assessment