Senior Incident Responder

We are looking for the right people - people who want to innovate, achieve, grow and lead. We attract and retain the best talent by investing in our employees and empowering them to develop themselves and their careers. Experience the challenges, rewards and opportunity of working for one of the world's largest providers of products and services to the global energy industry.

Job Duties

Halliburton is seeking a seasoned incident responder with deep expertise in threat hunting to join our global security team. This individual will lead high-impact investigations, proactively hunt for threats in complex enterprise environments, and provide expert guidance in detecting, containing, and eradicating advanced adversaries. Ideal candidates have operated in high-stakes consulting environments, demonstrated mastery in both forensics and threat detection, and can translate technical findings into business impact.

• Lead and execute digital forensics and incident response (DFIR) engagements for internal and external threats.
• Conduct proactive threat hunting operations across endpoints, logs, and cloud platforms to identify stealthy or novel attack patterns.
• Perform root cause analysis using forensic tools (X-Ways, Magnet AXIOM, Volatility, Cellebrite, etc.).
• Develop, refine, and tune detection logic in SIEM and EDR platforms (e.g., Splunk, LogScale, CrowdStrike).
• Collaborate with SOC, engineering, and red/purple teams to close detection gaps and improve incident response playbooks.
• Deliver actionable reporting and threat intelligence to technical and executive stakeholders.
• Mentor junior responders and contribute to team capability building

Qualifications

 

• 5+ years of experience in digital forensics, incident response, or threat hunting roles
• Proven consulting experience with global IR firms or world class internal IR functions
• Strong command of adversary TTPs (MITRE ATT&CK), malware analysis fundamentals, and intrusion lifecycle
• Proficiency in Python or PowerShell to automate analysis or detection workflows is a plus
• Experience with cloud forensics is a strong advantage
• Certifications such as GCFA, GCIH, GREM, CISSP, or eCPPTv2 are preferred

Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available, including Domain Architect.
Halliburton is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.

Location
3000 N. Sam Houston Parkway E., Houston, Texas, 77032, United States

Job Details
Requisition Number: 201426
Experience Level: Experienced Hire
Job Family: Support Services
Product Service Line: Global Information Security
Full Time / Part Time: Full Time
Additional Locations for this position:

Compensation Information
Compensation is competitive and commensurate with experience.