Job Details

About Landmark

Landmark, a Halliburton company, builds the software and data platforms that help the global energy industry make better decisions. Our products span subsurface interpretation, well construction planning, reservoir simulation, and digital operations. These are tools used daily by engineers and scientists at the world’s largest energy companies, running as cloud-native SaaS platforms and as enterprise on-premises solutions deployed at some of the world’s largest operators.

About the Role

As Cybersecurity & Compliance Senior Analyst at Landmark, you will be a hands-on practitioner at the center of how we protect the software the E&P industry depends on. You will partner with engineering, IT, and product teams to make Landmark software genuinely more secure, carrying real accountability across a broad scope of technical and compliance work.

The E&P industry relies on Landmark software to make high-stakes decisions around reservoir modeling, well planning, and production optimization. Our customers — major oil and gas operators worldwide — hold us to a high bar on security and compliance, whether they run our software in their own data centers or subscribe to it as a SaaS platform. You will be the person who keeps that bar high: evaluating controls, analyzing risks, closing gaps, supporting audits, and ensuring that security is embedded in how we build and deliver software rather than added after the fact.

This role suits someone who thrives at the intersection of application security, GRC, and commercial software delivery, and who wants their work to show up in products that the E&P industry depends on.

Job Duties

• Perform ongoing risk assessments, vulnerability reviews, and security control evaluations across applications, infrastructure, and cloud environments
• Review findings from SAST, DAST, SCA, and IaC scans; assess real-world risk; and recommend actionable mitigations
• Analyze identified security issues, recommend mitigation strategies, and track remediation efforts through to closure
• Support incident response by providing compliance guidance, maintaining documentation, and contributing to post-incident review and improvement
• Track emerging threats and evolving security trends in commercial software and the energy sector, and translate them into practical recommendations

Governance, Compliance, and Audit Support

• Own day-to-day maintenance of cybersecurity policies, standards, and procedures — keeping them accurate, current, and written in a way teams can use
• Support alignment with key regulatory and industry frameworks including ISO 27001, SOC 2, and NIST CSF
• Collect and prepare evidence for external audits, certifications, and internal control reviews
• Execute control testing, document results, and drive corrective action plans to closure
• Manage governance exceptions through the Halliburton Governance process
• Participate in vendor and partner security reviews

Security Awareness and Training

• Develop and deliver security awareness programs suited to a software engineering and product environment
• Serve as a practical resource for engineering, product, and business teams, offering clear guidance on secure development practices, compliance requirements, and how to reduce risk in everyday work

Collaboration, Tooling, and Process Improvement

•  Work directly with engineering, IT, product, and business stakeholders to weave security and compliance requirements into projects, processes, and the software development lifecycle
• Manage security and compliance projects and assist in evaluating new security technologies
• Maintain and improve GRC platforms and compliance tooling — such as ServiceNow GRC and Archer — so they surface useful, timely information rather than simply storing it
• Build and maintain metrics, dashboards, and reports that give leadership an honest view of risk posture and compliance status
• Handle customer security questionnaires and contract security reviews with accuracy and technical credibility

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field, or equivalent experience that demonstrates the same depth
• 5+ years in cybersecurity, GRC, IT audit, or risk management, with real accountability for outcomes.
• Solid working knowledge of security controls, vulnerability management, identity and access management, and cloud security
• Experience with at least one major compliance framework — ISO 27001, SOC 2, NIST, or equivalent — including conducting assessments, gathering evidence, and seeing findings through to resolution
• Clear written and verbal communication skills, with the ability to write a policy, analyze a finding, and explain the risk to someone who is not a security professional

Preferred

• Industry certifications such as CISSP, CISA, CISM, Security+, CCSK, or equivalent
• Hands-on experience with cloud platforms such as Azure or AWS and their native security services
• Familiarity with secure SDLC, DevSecOps, and CI/CD pipeline tools and practices
• Background in a regulated industry — energy, oil and gas, finance, healthcare, or similar environments where security obligations are genuinely high-stakes
• Experience securing commercial software, including SaaS platforms, on-premises enterprise products, or both

Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available, including Principal Release Mgmt.

How You Work

The person who succeeds in this role brings a specific combination of qualities. You are detail-oriented with strong follow-through: you catch what others miss and stay with a problem until it is resolved. You are collaborative across teams and influential without authority, earning trust with engineering, product, and business teams by showing up prepared and being genuinely helpful. You think critically and solve problems practically, cutting through ambiguity, weighing real risk, and landing on solutions that work. You communicate clearly across technical and business audiences, explaining a complex security issue to a developer, a product manager, and a customer without losing any of them. And you bring the integrity, discretion, and professionalism that this kind of access to sensitive information and customer-facing responsibilities demands.

Why Landmark

Security at Landmark is not a compliance checkbox. It is a direct part of how we earn and keep the trust of the world’s largest energy operators. The software you help protect runs in some of the most demanding and regulated environments in the industry, and the work you do here shows up in every product we ship. We build small, high-ownership teams and invest in the quality of every person on them. You will have direct access to engineering and product leadership, a broad scope that spans both technical security and governance, and the opportunity to shape how security is practiced in a commercial software organization that takes it seriously. Landmark offers competitive compensation including bonus and long-term incentive programs, and a role where your contribution is visible and your accountability is real.

About Landmark

Landmark, a Halliburton company, builds the software and data platforms that help the global energy industry make better decisions. Our products span subsurface interpretation, well construction planning, reservoir simulation, and digital operations. These are tools used daily by engineers and scientists at the world’s largest energy companies, running as cloud-native SaaS platforms and as enterprise on-premises solutions deployed at some of the world’s largest operators.

About the Role

As Cybersecurity & Compliance Senior Analyst at Landmark, you will be a hands-on practitioner at the center of how we protect the software the E&P industry depends on. You will partner with engineering, IT, and product teams to make Landmark software genuinely more secure, carrying real accountability across a broad scope of technical and compliance work.

The E&P industry relies on Landmark software to make high-stakes decisions around reservoir modeling, well planning, and production optimization. Our customers — major oil and gas operators worldwide — hold us to a high bar on security and compliance, whether they run our software in their own data centers or subscribe to it as a SaaS platform. You will be the person who keeps that bar high: evaluating controls, analyzing risks, closing gaps, supporting audits, and ensuring that security is embedded in how we build and deliver software rather than added after the fact.

This role suits someone who thrives at the intersection of application security, GRC, and commercial software delivery, and who wants their work to show up in products that the E&P industry depends on.

Job Duties

• Perform ongoing risk assessments, vulnerability reviews, and security control evaluations across applications, infrastructure, and cloud environments
• Review findings from SAST, DAST, SCA, and IaC scans; assess real-world risk; and recommend actionable mitigations
• Analyze identified security issues, recommend mitigation strategies, and track remediation efforts through to closure
• Support incident response by providing compliance guidance, maintaining documentation, and contributing to post-incident review and improvement
• Track emerging threats and evolving security trends in commercial software and the energy sector, and translate them into practical recommendations

Governance, Compliance, and Audit Support

• Own day-to-day maintenance of cybersecurity policies, standards, and procedures — keeping them accurate, current, and written in a way teams can use
• Support alignment with key regulatory and industry frameworks including ISO 27001, SOC 2, and NIST CSF
• Collect and prepare evidence for external audits, certifications, and internal control reviews
• Execute control testing, document results, and drive corrective action plans to closure
• Manage governance exceptions through the Halliburton Governance process
• Participate in vendor and partner security reviews

Security Awareness and Training

• Develop and deliver security awareness programs suited to a software engineering and product environment
• Serve as a practical resource for engineering, product, and business teams, offering clear guidance on secure development practices, compliance requirements, and how to reduce risk in everyday work

Collaboration, Tooling, and Process Improvement

•  Work directly with engineering, IT, product, and business stakeholders to weave security and compliance requirements into projects, processes, and the software development lifecycle
• Manage security and compliance projects and assist in evaluating new security technologies
• Maintain and improve GRC platforms and compliance tooling — such as ServiceNow GRC and Archer — so they surface useful, timely information rather than simply storing it
• Build and maintain metrics, dashboards, and reports that give leadership an honest view of risk posture and compliance status
• Handle customer security questionnaires and contract security reviews with accuracy and technical credibility

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field, or equivalent experience that demonstrates the same depth
• 5+ years in cybersecurity, GRC, IT audit, or risk management, with real accountability for outcomes.
• Solid working knowledge of security controls, vulnerability management, identity and access management, and cloud security
• Experience with at least one major compliance framework — ISO 27001, SOC 2, NIST, or equivalent — including conducting assessments, gathering evidence, and seeing findings through to resolution
• Clear written and verbal communication skills, with the ability to write a policy, analyze a finding, and explain the risk to someone who is not a security professional

Preferred

• Industry certifications such as CISSP, CISA, CISM, Security+, CCSK, or equivalent
• Hands-on experience with cloud platforms such as Azure or AWS and their native security services
• Familiarity with secure SDLC, DevSecOps, and CI/CD pipeline tools and practices
• Background in a regulated industry — energy, oil and gas, finance, healthcare, or similar environments where security obligations are genuinely high-stakes
• Experience securing commercial software, including SaaS platforms, on-premises enterprise products, or both

Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available, including Principal Release Mgmt.

How You Work

The person who succeeds in this role brings a specific combination of qualities. You are detail-oriented with strong follow-through: you catch what others miss and stay with a problem until it is resolved. You are collaborative across teams and influential without authority, earning trust with engineering, product, and business teams by showing up prepared and being genuinely helpful. You think critically and solve problems practically, cutting through ambiguity, weighing real risk, and landing on solutions that work. You communicate clearly across technical and business audiences, explaining a complex security issue to a developer, a product manager, and a customer without losing any of them. And you bring the integrity, discretion, and professionalism that this kind of access to sensitive information and customer-facing responsibilities demands.

Why Landmark

Security at Landmark is not a compliance checkbox. It is a direct part of how we earn and keep the trust of the world’s largest energy operators. The software you help protect runs in some of the most demanding and regulated environments in the industry, and the work you do here shows up in every product we ship. We build small, high-ownership teams and invest in the quality of every person on them. You will have direct access to engineering and product leadership, a broad scope that spans both technical security and governance, and the opportunity to shape how security is practiced in a commercial software organization that takes it seriously. Landmark offers competitive compensation including bonus and long-term incentive programs, and a role where your contribution is visible and your accountability is real.

About Landmark

Landmark, a Halliburton company, builds the software and data platforms that help the global energy industry make better decisions. Our products span subsurface interpretation, well construction planning, reservoir simulation, and digital operations. These are tools used daily by engineers and scientists at the world’s largest energy companies, running as cloud-native SaaS platforms and as enterprise on-premises solutions deployed at some of the world’s largest operators.

About the Role

As Cybersecurity & Compliance Senior Analyst at Landmark, you will be a hands-on practitioner at the center of how we protect the software the E&P industry depends on. You will partner with engineering, IT, and product teams to make Landmark software genuinely more secure, carrying real accountability across a broad scope of technical and compliance work.

The E&P industry relies on Landmark software to make high-stakes decisions around reservoir modeling, well planning, and production optimization. Our customers — major oil and gas operators worldwide — hold us to a high bar on security and compliance, whether they run our software in their own data centers or subscribe to it as a SaaS platform. You will be the person who keeps that bar high: evaluating controls, analyzing risks, closing gaps, supporting audits, and ensuring that security is embedded in how we build and deliver software rather than added after the fact.

This role suits someone who thrives at the intersection of application security, GRC, and commercial software delivery, and who wants their work to show up in products that the E&P industry depends on.

Job Duties

• Perform ongoing risk assessments, vulnerability reviews, and security control evaluations across applications, infrastructure, and cloud environments
• Review findings from SAST, DAST, SCA, and IaC scans; assess real-world risk; and recommend actionable mitigations
• Analyze identified security issues, recommend mitigation strategies, and track remediation efforts through to closure
• Support incident response by providing compliance guidance, maintaining documentation, and contributing to post-incident review and improvement
• Track emerging threats and evolving security trends in commercial software and the energy sector, and translate them into practical recommendations

Governance, Compliance, and Audit Support

• Own day-to-day maintenance of cybersecurity policies, standards, and procedures — keeping them accurate, current, and written in a way teams can use
• Support alignment with key regulatory and industry frameworks including ISO 27001, SOC 2, and NIST CSF
• Collect and prepare evidence for external audits, certifications, and internal control reviews
• Execute control testing, document results, and drive corrective action plans to closure
• Manage governance exceptions through the Halliburton Governance process
• Participate in vendor and partner security reviews

Security Awareness and Training

• Develop and deliver security awareness programs suited to a software engineering and product environment
• Serve as a practical resource for engineering, product, and business teams, offering clear guidance on secure development practices, compliance requirements, and how to reduce risk in everyday work

Collaboration, Tooling, and Process Improvement

•  Work directly with engineering, IT, product, and business stakeholders to weave security and compliance requirements into projects, processes, and the software development lifecycle
• Manage security and compliance projects and assist in evaluating new security technologies
• Maintain and improve GRC platforms and compliance tooling — such as ServiceNow GRC and Archer — so they surface useful, timely information rather than simply storing it
• Build and maintain metrics, dashboards, and reports that give leadership an honest view of risk posture and compliance status
• Handle customer security questionnaires and contract security reviews with accuracy and technical credibility

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field, or equivalent experience that demonstrates the same depth
• 5+ years in cybersecurity, GRC, IT audit, or risk management, with real accountability for outcomes.
• Solid working knowledge of security controls, vulnerability management, identity and access management, and cloud security
• Experience with at least one major compliance framework — ISO 27001, SOC 2, NIST, or equivalent — including conducting assessments, gathering evidence, and seeing findings through to resolution
• Clear written and verbal communication skills, with the ability to write a policy, analyze a finding, and explain the risk to someone who is not a security professional

Preferred

• Industry certifications such as CISSP, CISA, CISM, Security+, CCSK, or equivalent
• Hands-on experience with cloud platforms such as Azure or AWS and their native security services
• Familiarity with secure SDLC, DevSecOps, and CI/CD pipeline tools and practices
• Background in a regulated industry — energy, oil and gas, finance, healthcare, or similar environments where security obligations are genuinely high-stakes
• Experience securing commercial software, including SaaS platforms, on-premises enterprise products, or both

Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available, including Principal Release Mgmt.

How You Work

The person who succeeds in this role brings a specific combination of qualities. You are detail-oriented with strong follow-through: you catch what others miss and stay with a problem until it is resolved. You are collaborative across teams and influential without authority, earning trust with engineering, product, and business teams by showing up prepared and being genuinely helpful. You think critically and solve problems practically, cutting through ambiguity, weighing real risk, and landing on solutions that work. You communicate clearly across technical and business audiences, explaining a complex security issue to a developer, a product manager, and a customer without losing any of them. And you bring the integrity, discretion, and professionalism that this kind of access to sensitive information and customer-facing responsibilities demands.

Why Landmark

Security at Landmark is not a compliance checkbox. It is a direct part of how we earn and keep the trust of the world’s largest energy operators. The software you help protect runs in some of the most demanding and regulated environments in the industry, and the work you do here shows up in every product we ship. We build small, high-ownership teams and invest in the quality of every person on them. You will have direct access to engineering and product leadership, a broad scope that spans both technical security and governance, and the opportunity to shape how security is practiced in a commercial software organization that takes it seriously. Landmark offers competitive compensation including bonus and long-term incentive programs, and a role where your contribution is visible and your accountability is real.

About Landmark

Landmark, a Halliburton company, builds the software and data platforms that help the global energy industry make better decisions. Our products span subsurface interpretation, well construction planning, reservoir simulation, and digital operations. These are tools used daily by engineers and scientists at the world’s largest energy companies, running as cloud-native SaaS platforms and as enterprise on-premises solutions deployed at some of the world’s largest operators.

About the Role

As Cybersecurity & Compliance Senior Analyst at Landmark, you will be a hands-on practitioner at the center of how we protect the software the E&P industry depends on. You will partner with engineering, IT, and product teams to make Landmark software genuinely more secure, carrying real accountability across a broad scope of technical and compliance work.

The E&P industry relies on Landmark software to make high-stakes decisions around reservoir modeling, well planning, and production optimization. Our customers — major oil and gas operators worldwide — hold us to a high bar on security and compliance, whether they run our software in their own data centers or subscribe to it as a SaaS platform. You will be the person who keeps that bar high: evaluating controls, analyzing risks, closing gaps, supporting audits, and ensuring that security is embedded in how we build and deliver software rather than added after the fact.

This role suits someone who thrives at the intersection of application security, GRC, and commercial software delivery, and who wants their work to show up in products that the E&P industry depends on.

Job Duties

• Perform ongoing risk assessments, vulnerability reviews, and security control evaluations across applications, infrastructure, and cloud environments
• Review findings from SAST, DAST, SCA, and IaC scans; assess real-world risk; and recommend actionable mitigations
• Analyze identified security issues, recommend mitigation strategies, and track remediation efforts through to closure
• Support incident response by providing compliance guidance, maintaining documentation, and contributing to post-incident review and improvement
• Track emerging threats and evolving security trends in commercial software and the energy sector, and translate them into practical recommendations

Governance, Compliance, and Audit Support

• Own day-to-day maintenance of cybersecurity policies, standards, and procedures — keeping them accurate, current, and written in a way teams can use
• Support alignment with key regulatory and industry frameworks including ISO 27001, SOC 2, and NIST CSF
• Collect and prepare evidence for external audits, certifications, and internal control reviews
• Execute control testing, document results, and drive corrective action plans to closure
• Manage governance exceptions through the Halliburton Governance process
• Participate in vendor and partner security reviews

Security Awareness and Training

• Develop and deliver security awareness programs suited to a software engineering and product environment
• Serve as a practical resource for engineering, product, and business teams, offering clear guidance on secure development practices, compliance requirements, and how to reduce risk in everyday work

Collaboration, Tooling, and Process Improvement

•  Work directly with engineering, IT, product, and business stakeholders to weave security and compliance requirements into projects, processes, and the software development lifecycle
• Manage security and compliance projects and assist in evaluating new security technologies
• Maintain and improve GRC platforms and compliance tooling — such as ServiceNow GRC and Archer — so they surface useful, timely information rather than simply storing it
• Build and maintain metrics, dashboards, and reports that give leadership an honest view of risk posture and compliance status
• Handle customer security questionnaires and contract security reviews with accuracy and technical credibility

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field, or equivalent experience that demonstrates the same depth
• 5+ years in cybersecurity, GRC, IT audit, or risk management, with real accountability for outcomes.
• Solid working knowledge of security controls, vulnerability management, identity and access management, and cloud security
• Experience with at least one major compliance framework — ISO 27001, SOC 2, NIST, or equivalent — including conducting assessments, gathering evidence, and seeing findings through to resolution
• Clear written and verbal communication skills, with the ability to write a policy, analyze a finding, and explain the risk to someone who is not a security professional

Preferred

• Industry certifications such as CISSP, CISA, CISM, Security+, CCSK, or equivalent
• Hands-on experience with cloud platforms such as Azure or AWS and their native security services
• Familiarity with secure SDLC, DevSecOps, and CI/CD pipeline tools and practices
• Background in a regulated industry — energy, oil and gas, finance, healthcare, or similar environments where security obligations are genuinely high-stakes
• Experience securing commercial software, including SaaS platforms, on-premises enterprise products, or both

Candidates having qualifications that exceed the minimum job requirements will receive consideration for higher level roles given (1) their experience, (2) additional job requirements, and/or (3) business needs. Depending on education, experience, and skill level, a variety of job opportunities might be available, including Principal Release Mgmt.

How You Work

The person who succeeds in this role brings a specific combination of qualities. You are detail-oriented with strong follow-through: you catch what others miss and stay with a problem until it is resolved. You are collaborative across teams and influential without authority, earning trust with engineering, product, and business teams by showing up prepared and being genuinely helpful. You think critically and solve problems practically, cutting through ambiguity, weighing real risk, and landing on solutions that work. You communicate clearly across technical and business audiences, explaining a complex security issue to a developer, a product manager, and a customer without losing any of them. And you bring the integrity, discretion, and professionalism that this kind of access to sensitive information and customer-facing responsibilities demands.

Why Landmark

Security at Landmark is not a compliance checkbox. It is a direct part of how we earn and keep the trust of the world’s largest energy operators. The software you help protect runs in some of the most demanding and regulated environments in the industry, and the work you do here shows up in every product we ship. We build small, high-ownership teams and invest in the quality of every person on them. You will have direct access to engineering and product leadership, a broad scope that spans both technical security and governance, and the opportunity to shape how security is practiced in a commercial software organization that takes it seriously. Landmark offers competitive compensation including bonus and long-term incentive programs, and a role where your contribution is visible and your accountability is real.