Senior Cybersecurity and Compliance Analyst - Landmark

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field, or equivalent experience that demonstrates the same depth
• 5+ years in cybersecurity, GRC, IT audit, or risk management, with real accountability for outcomes.
• Solid working knowledge of security controls, vulnerability management, identity and access management, and cloud security
• Experience with at least one major compliance framework — ISO 27001, SOC 2, NIST, or equivalent — including conducting assessments, gathering evidence, and seeing findings through to resolution
• Clear written and verbal communication skills, with the ability to write a policy, analyze a finding, and explain the risk to someone who is not a security professional

Nice To Haves

• Industry certifications such as CISSP, CISA, CISM, Security+, CCSK, or equivalent
• Hands-on experience with cloud platforms such as Azure or AWS and their native security services
• Familiarity with secure SDLC, DevSecOps, and CI/CD pipeline tools and practices
• Background in a regulated industry — energy, oil and gas, finance, healthcare, or similar environments where security obligations are genuinely high-stakes
• Experience securing commercial software, including SaaS platforms, on-premises enterprise products, or both

Responsibilities

• Perform ongoing risk assessments, vulnerability reviews, and security control evaluations across applications, infrastructure, and cloud environments
• Review findings from SAST, DAST, SCA, and IaC scans; assess real-world risk; and recommend actionable mitigations
• Analyze identified security issues, recommend mitigation strategies, and track remediation efforts through to closure
• Support incident response by providing compliance guidance, maintaining documentation, and contributing to post-incident review and improvement
• Track emerging threats and evolving security trends in commercial software and the energy sector, and translate them into practical recommendations
• Own day-to-day maintenance of cybersecurity policies, standards, and procedures — keeping them accurate, current, and written in a way teams can use
• Support alignment with key regulatory and industry frameworks including ISO 27001, SOC 2, and NIST CSF
• Collect and prepare evidence for external audits, certifications, and internal control reviews
• Execute control testing, document results, and drive corrective action plans to closure
• Manage governance exceptions through the Halliburton Governance process
• Participate in vendor and partner security reviews
• Develop and deliver security awareness programs suited to a software engineering and product environment
• Serve as a practical resource for engineering, product, and business teams, offering clear guidance on secure development practices, compliance requirements, and how to reduce risk in everyday work
• Work directly with engineering, IT, product, and business stakeholders to weave security and compliance requirements into projects, processes, and the software development lifecycle
• Manage security and compliance projects and assist in evaluating new security technologies
• Maintain and improve GRC platforms and compliance tooling — such as ServiceNow GRC and Archer — so they surface useful, timely information rather than simply storing it
• Build and maintain metrics, dashboards, and reports that give leadership an honest view of risk posture and compliance status
• Handle customer security questionnaires and contract security reviews with accuracy and technical credibility

Benefits

• competitive compensation
• bonus
• long-term incentive programs