SOC Manager

Job Duties and Qualifications

•    Design, implement, and manage Halliburton’s global Security Operations Center strategy, including processes, tools, and team structure.
•    Provide 24x7 oversight of security operations across multiple geographic regions and time zones
•    Coordinate security monitoring and response activities across regional teams and offices
•    Develop and implement integrated security monitoring solutions that bridge IT and OT environments
•    Create specialized incident response procedures and playbooks for OT security incidents
•    Establish OT-specific security monitoring, detection, and response capabilities
•    Lead the implementation and integration of security technologies including SIEM, SOAR, EDR, and Threat Intelligence platforms on a global scale
•    Serve as the primary liaison between the Information Security Organization and our outsourced Security Operations Center vendor, ensuring clear communication and alignment of objectives
•    Establish, monitor, and enforce Service Level Agreements (SLAs) with the outsourced SOC vendor
•    Develop and maintain security monitoring strategies, incident response procedures, and SOC play books that address regional and global requirements
•    Build and mentor the internal security team to complement the outsourced SOC capabilities
•    Create metrics, KPIs, and reporting frameworks to measure both internal and outsourced SOC effectiveness across regions
•    Manage vendor relationships and ensure outsourced services meet Halliburton’s global security requirements
•    Facilitate knowledge transfer between outsourced SOC and internal security teams 
•    Collaborate with IT, Legal, and other internal business teams to ensure controls are sufficient and organizational needs are being met. 
•    Stay current with emerging threats, vulnerabilities, and security trends to continuously enhance global security posture

Requirements:

•    12+ years of experience in cybersecurity with 6+ years in SOC leadership roles
•    Experience with global security operations and managing teams across multiple geographic regions
•    Proven experience designing, building, and operating a Security Operations Center
•    Experience managing third-party security service providers and vendor relationships
•    Deep technical knowledge of SIEM platforms (e.g., Splunk, Azure Sentinel, Palo Alto XSIAM)
•    Experience with OT/ICS security monitoring and incident response
•    Knowledge of OT protocols (e.g., Modbus, DNP3, OPC UA) and OT security frameworks
•    Understanding security challenges specific to industrial control systems and SCADA environments
•    Hands-on experience implementing and managing SOAR, EDR, and Threat Intelligence solutions
•    Strong contract and SLA management skills
•    Strong understanding of the cyber kill chain, MITRE ATT&CK framework, and threat hunting methodologies
•    Experience leading incident response for significant security events on a global scale
•    Excellent communications skills with the ability to translate technical concepts for executive audiences
•    Knowledge of international security standards and regional regulatory requirements like NIST, ISO, and GDPR
 

Preferred Qualifications:
•    Bachelor’s or Master’s degree in Computer Science, Information Security, Information Systems, or related field
•    Industry Certifications such as CISSP, CISM, GIAC (GCFA, GCFE, GEIR, GNFA, and/or GCIH)
•    OT-specific certifications such as GIAC GICSP, ISA/IEC 62443, or equivalent
•    Background in industrial environments (oil & gas, manufacturing, utilities, etc.)
•    Experience integrating IT and OT security operations
•    Experience with Cloud Security Monitoring tools
•    Background in threat modeling and risk assessment