[Remote] IT Security Specialist - Security Operations Center (SOC)

Work from home Full-time role Hiring

Note: This is a remote job open to candidates in the USA. Murphy Oil Corporation is looking for an IT Security Specialist to support our growing Global Cybersecurity team. This critical role involves overseeing the detection and response to cyber incidents, managing daily SOC operations, maturing the SOC capability, leading and mentoring specialists, and supporting our expanding Global Cybersecurity team.

Responsibilities

  • Contribute to cybersecurity vision, roadmap, and execution plan
  • Lead and mature the enterprise incident response process, including updating the plan, documenting playbooks, facilitating cyber drills, coordinating with Incident Response vendors, setting up alternate communication channels, implementing automation in the IR process to reduce response time, etc.
  • Respond immediately to any security-related incidents (e.g., data breaches, viruses, phishing scams) and perform/lead cyber incident triage, including determining scope, urgency, potential impact, and materiality, identifying the specific vulnerability, and making recommendations that enable expeditious remediation
  • Oversee the day-to-day operational support of the SOC, including leading the weekly SOC Incident review meetings, handling and prioritizing help desk tickets, incidents, and cases. This role maintains direct oversight of the cyber service desk queue and is accountable for queue hygiene, SLA reporting, and driving corrective action when SLA targets are missed
  • Oversee On-Call support capability and provide On-Call support ensuring timely response in remediating critical incidents after hours and weekends. This role owns the on-call support function end-to-end: maintaining a current on-call schedule, ensuring all on-call personnel understand their roles and escalation paths, monitoring that after-hours and weekend incidents are acknowledged and responded to within defined SLAs, and conducting post-incident reviews when response timeliness falls short of expectations
  • Collaborate with service desk and infrastructure teams to deploy critical security patches in a timely manner, formalize the vulnerability management program, and introduce automation
  • Collaborate with the Head of IT Security to implement security architecture best practices within incident response and daily SOC activities
  • Support the Head of IT Security by providing leadership and guidance to the cybersecurity team in managing day-to-day operations and responding to incidents
  • Establish scoring and grading metrics to measure effectiveness of the SOC
  • Establish relationships between the incident response team and other groups, both internal (e.g., legal department) and external (e.g., law enforcement agencies, vendors, public relations professionals)
  • Keep current with the latest cyber security developments, threat intel, attack methods, and emerging tools/technologies/strategies, and disseminate them across IT
  • Lead special projects as assigned
  • Oversee SIEM use case development and alert tuning in partnership with the managed SOC/MDR provider; identify automation opportunities and work to eliminate false positive noise and detection gaps
  • Lead proactive threat hunting activities, either directly or through coordination with the MDR partner, to identify threats that evade automated detection; document findings and translate results into new detection logic
  • Develop, schedule, and facilitate cybersecurity tabletop exercises and simulations for SOC staff, IT leadership, legal, and relevant business stakeholders; track findings and drive remediation of identified process gaps
  • Define, track, and report on SOC key performance indicators (KPIs) and security metrics dashboards for IT leadership and executive audiences, including mean time to detect (MTTD), mean time to respond (MTTR), and vulnerability remediation SLA compliance
  • Oversee application security coordination responsibilities within the vulnerability management program: track findings from DAST/SAST scans and penetration tests, partner with development and IT teams to prioritize and remediate application-layer vulnerabilities

Skills

  • Bachelor's degree in cyber security, Computer Science, or a related Information Technology field
  • Minimum 15 years' experience in cyber security with 2 years' experience in working in a Security Operations Center (SOC)
  • Hands-on experience investigating (potential) security incidents including analyzing high volumes of logs, network data and other attack artifacts
  • Hands-on experience documenting Incident Response plans, playbooks and SOPs in line with security best practice standards such as NIST, SANS, etc.
  • Knowledge of incident categories, incident responses, and timelines for responses
  • Knowledge of security best practice standards such as NIST CSF, NIST 800-53, ISO 27001, etc
  • Familiarity with a standardized incident response framework (SANS/NIST)
  • Knowledge of different classes of attacks (e.g., passive, active, insider, distribution attacks)
  • Knowledge of cyberattack vectors and stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, etc.)
  • Knowledge of penetration testing principles, tools, and techniques
  • Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection)
  • Knowledge of Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
  • Able to manage multiple projects and initiatives concurrently
  • Ability to work independently and with others
  • Highly organized with strong time-management skills
  • Basic awareness of operational technology (OT) / industrial control system (ICS) security concepts, including the difference between IT and OT threat models and the applicability of standards such as NIST 800-82 or ISA/IEC 62443
  • Minimum 2 years' experience working in a managed SOC environment
  • Experience leading a SOC (with both onshore and offshore resources)
  • Hands-on cyber incident response experience including prior experience responding to large scale incidents such as a Ransomware attack, supply chain attack, or data breach
  • Experience with industry leading SIEM platforms such as Google Chronicle SIEM, Azure Sentinel
  • Strong experience with Microsoft 365 Defender suite (Defender for Identity, O365, Endpoints, Cloud App Security, Conditional Access), Azure Defender suite (Defender for Cloud, Servers, App Service, Storage, SQL, Kubernetes, Resource Manager, IoT, Key Vault), Microsoft Purview Compliance Manager, and Intune
  • Experience deploying Security Orchestration, Automation and Response (SOAR) Solutions
  • Experience in writing scripts (e.g., PowerShell, PERL, Python, KQL, VBS) to perform tasks like parsing large data files, automating manual tasks, and fetching/processing data
  • Experience working within Oil/Gas industry
  • Knowledge of network security implementations (e.g., host-based IDS, IPS, access control lists), including their function and placement in a network
  • Knowledge of system administration, network, and operating system hardening techniques
  • Experience with proactive threat hunting methodologies and tools (e.g., hypothesis-driven hunting using MITRE ATT&CK, behavioral analytics, or TIP platforms); ability to translate threat intelligence into actionable hunting campaigns
  • Hands-on experience with detection engineering: writing and tuning SIEM detection rules, developing SOAR playbooks, and reducing alert fatigue through use case optimization
  • Experience with OT/ICS cybersecurity environments in oil and gas, energy, or critical infrastructure; familiarity with Purdue Model, OT network segmentation, or SCADA security concepts is a plus
  • Experience defining and reporting on SOC performance metrics (MTTD, MTTR, SLA adherence, false positive rate) to IT leadership and executive stakeholders

Company Overview

  • Murphy Oil Corporation is an international oil and gas leader. It was founded in 1950 and is headquartered in Plainview, Arkansas, USA, with a workforce of 501-1000 employees. Its website is http://www.murphyoilcorp.com.