Cybersecurity Engineer Visa Sponsorship Jobs in Texas
Texas is one of the top states for cybersecurity engineer visa sponsorship, driven by major tech and defense employers in Austin, Dallas, San Antonio, and Houston. Companies like Dell Technologies, AT&T, Raytheon, and Lockheed Martin regularly hire and sponsor cybersecurity talent. The state's expanding tech sector and federal contractor presence create consistent demand for skilled engineers.
Find Cybersecurity Engineer JobsOverview
Showing 5 of 404+ Cybersecurity Engineer Jobs in Texas with Visa Sponsorship
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 404+ Cybersecurity Engineer Jobs in Texas with Visa Sponsorship
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Cybersecurity Engineer Jobs in Texas with Visa Sponsorship.
Get Access To All JobsINTRODUCTION
An exciting career awaits you. At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.
Position Summary
The Senior Cybersecurity Engineer, Cyber Threat Detection plays a critical role in safeguarding Marathon Petroleum Corporation’s digital and operational assets across enterprise IT and industrial control systems (ICS/OT). This position is responsible for engineering and optimizing threat detection logic to identify, analyze, and respond to emerging cyber threats targeting both business and field operations, including refineries, pipelines, terminals, and remote industrial facilities.
Working as part of the Cyber Threat Operations team within the Cyber Fusion Center, the engineer will translate complex threat intelligence into high-fidelity detection capabilities, develop automated response workflows, and contribute to the ongoing enhancement of incident response playbooks. The role requires close coordination with internal teams including threat hunting, incident response, threat intelligence, and infrastructure to ensure alignment between detection strategy, risk posture, and operational resiliency.
The ideal candidate is technically proficient, collaborative, and mission-driven, with a strong understanding of IT/OT security principles and a passion for protecting critical infrastructure within the energy sector.
KEY RESPONSIBILITIES
- Clearly understands business requirements and is able to identify risk and risk mitigations.
- Resolves routine multi-functional technical issues and supports resolution of complex issues.
- Recognizes established Cybersecurity assessments, standards and applies them in practice to security systems.
- Contributes to the efficiency and effectiveness of Security solutions, processes and controls in place by building, testing, and maintaining security automation and orchestration workflows to accelerate detection and response across environments.
- Identifies and provides recommendations towards process improvement and/or solution remediation and assists in developing steps within Standard Operating Procedures. Identifies business impacting events and performs initial investigation.
- Monitors networks, systems, and applications for signs of potential cybersecurity incidents. Investigates and analyzes the nature and scope of cyber incidents by developing, implementing, and continuously refining cyber threat detection logic across the corporate SIEM/SOAR platform.
- Analyzes security protocols, administers and maintains security audits and reports of cyber systems access and activity; participates in disaster recovery planning per corporate guidelines.
- Delivers and implements global security initiatives, policies, and compliance requirements. Identifies cybersecurity metrics and applicability for various teams.
- Takes action through collaboration to improve metric results.
- Executes cyber security-related consulting, guidance, and support to customers and stakeholders by documenting detection content, orchestration logic, tuning efforts, and automation workflows for internal knowledge sharing and auditability.
- Follows emerging Information Technology/Operations Technology and cybersecurity technology trends as well as their impact on the security landscape.
EDUCATION AND EXPERIENCE
- Bachelor’s Degree in Information Technology, related field or equivalent experience.
- Professional certification, e.g. Security+, Network+, OSCP, GIAC, CEH preferred.
- Two (2) or more years of relevant experience required.
- Hands-on experience with SIEM platforms (e.g., Splunk, Google SecOps, QRadar), detection rule creation, and alert tuning required.
- Experience with scripting (e.g., Python, PowerShell) and security automation/orchestration tools (e.g., SOAR platforms like Google SecOps, Cortex XSOAR, Splunk SOAR, or Swimlane) required.
- Familiarity with ICS/OT networks and industrial protocols such as Modbus, DNP3, and OPC preferred.
- Knowledge of threat frameworks including MITRE ATT&CK and Cyber Kill Chain preferred.
SKILLS
- Authentic Communicator: Expresses ideas and information, both verbally and in writing, clearly and credibly. Listens to understand and fosters constructive dialogue.
- Cybersecurity Risk Management: The process of developing cyber risk assessment and treatment techniques that can effectively pre-empt and identify significant security loopholes and weaknesses, demonstrating the business risks associated with these loopholes and providing risk treatment and prioritization strategies to effectively address the cyber-related risks, threats and vulnerabilities, ensuring appropriate levels of protection, confidentiality, integrity and privacy in alignment with the security framework.
- General Programming: Applies a computer language to communicate with computers using a set of instructions and to automate the execution of tasks.
- Intrusion Detection: The use of security analytics, including the outputs from intelligence analysis, predictive research and root cause analysis in order to search for and detect potential breaches or identify recognized indicators and warnings. Also, monitoring and collating external vulnerability reports for organizational relevance, ensuring that relevant vulnerabilities are rectified through formal change processes.
- Penetration Testing: The practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually.
- Security Controls: Manages and maintains an information system that focuses on the management of risk and the management of information systems security.
- Security Governance: The process of developing and disseminating corporate security policies, frameworks and guidelines to ensure that day-to-day business operations are guarded and well protected against risks, threats and vulnerabilities.
- Security Information & Event Management (SIEM): A set of tools and services offering real-time visibility across an organization's information security systems, and event log management that consolidates data from numerous sources.
- Security Policy Management: The process of identifying, implementing, and managing the rules and procedures that all individuals must follow when accessing and using an organization's IT assets and resources.
- Threat Analysis: Monitor intelligence-gathering and anticipate potential threats to an IT/OT systems proactively. This involves the pre-emptive analysis of potential perpetrators, anomalous activities and evidence-based knowledge and inferences on perpetrators' motivations and tactics.
- Threat Hunting: Searches through networks, endpoints, and datasets to detect and isolate cyber threats that evade existing security solutions.
- Vulnerability Management: The process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization with the necessary knowledge, awareness and risk background to understand the threats to its business.
As an energy industry leader, our career opportunities fuel personal and professional growth.
LOCATION
Location: San Antonio, Texas
Additional locations:
Job Requisition ID: 00021991
Location Address: 19100 Ridgewood Pkwy
EMPLOYEE GROUP
Full time
EMPLOYEE SUBGROUP
Regular
Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, reproductive health decision-making, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws.
If you would like more information about your EEO rights as an applicant, click here.
If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at talentacquisition@marathonpetroleum.com. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation.
Marathon Petroleum offers a total rewards program which includes, but is not limited to, access to health, vision, and dental insurance, paid time off, 401k matching program, paid parental leave, and educational reimbursement. Detailed benefit information is available at https://mympcbenefits.com. The hired candidate will also be eligible for a discretionary company-sponsored annual bonus program.
Equal Opportunity Employer: Veteran / Disability
We will consider all qualified Applicants for employment, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws. In reviewing criminal history in connection with a conditional offer of employment, Marathon will consider the key responsibilities of the role.
INTRODUCTION
An exciting career awaits you. At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.
Position Summary
The Senior Cybersecurity Engineer, Cyber Threat Detection plays a critical role in safeguarding Marathon Petroleum Corporation’s digital and operational assets across enterprise IT and industrial control systems (ICS/OT). This position is responsible for engineering and optimizing threat detection logic to identify, analyze, and respond to emerging cyber threats targeting both business and field operations, including refineries, pipelines, terminals, and remote industrial facilities.
Working as part of the Cyber Threat Operations team within the Cyber Fusion Center, the engineer will translate complex threat intelligence into high-fidelity detection capabilities, develop automated response workflows, and contribute to the ongoing enhancement of incident response playbooks. The role requires close coordination with internal teams including threat hunting, incident response, threat intelligence, and infrastructure to ensure alignment between detection strategy, risk posture, and operational resiliency.
The ideal candidate is technically proficient, collaborative, and mission-driven, with a strong understanding of IT/OT security principles and a passion for protecting critical infrastructure within the energy sector.
KEY RESPONSIBILITIES
- Clearly understands business requirements and is able to identify risk and risk mitigations.
- Resolves routine multi-functional technical issues and supports resolution of complex issues.
- Recognizes established Cybersecurity assessments, standards and applies them in practice to security systems.
- Contributes to the efficiency and effectiveness of Security solutions, processes and controls in place by building, testing, and maintaining security automation and orchestration workflows to accelerate detection and response across environments.
- Identifies and provides recommendations towards process improvement and/or solution remediation and assists in developing steps within Standard Operating Procedures. Identifies business impacting events and performs initial investigation.
- Monitors networks, systems, and applications for signs of potential cybersecurity incidents. Investigates and analyzes the nature and scope of cyber incidents by developing, implementing, and continuously refining cyber threat detection logic across the corporate SIEM/SOAR platform.
- Analyzes security protocols, administers and maintains security audits and reports of cyber systems access and activity; participates in disaster recovery planning per corporate guidelines.
- Delivers and implements global security initiatives, policies, and compliance requirements. Identifies cybersecurity metrics and applicability for various teams.
- Takes action through collaboration to improve metric results.
- Executes cyber security-related consulting, guidance, and support to customers and stakeholders by documenting detection content, orchestration logic, tuning efforts, and automation workflows for internal knowledge sharing and auditability.
- Follows emerging Information Technology/Operations Technology and cybersecurity technology trends as well as their impact on the security landscape.
EDUCATION AND EXPERIENCE
- Bachelor’s Degree in Information Technology, related field or equivalent experience.
- Professional certification, e.g. Security+, Network+, OSCP, GIAC, CEH preferred.
- Two (2) or more years of relevant experience required.
- Hands-on experience with SIEM platforms (e.g., Splunk, Google SecOps, QRadar), detection rule creation, and alert tuning required.
- Experience with scripting (e.g., Python, PowerShell) and security automation/orchestration tools (e.g., SOAR platforms like Google SecOps, Cortex XSOAR, Splunk SOAR, or Swimlane) required.
- Familiarity with ICS/OT networks and industrial protocols such as Modbus, DNP3, and OPC preferred.
- Knowledge of threat frameworks including MITRE ATT&CK and Cyber Kill Chain preferred.
SKILLS
- Authentic Communicator: Expresses ideas and information, both verbally and in writing, clearly and credibly. Listens to understand and fosters constructive dialogue.
- Cybersecurity Risk Management: The process of developing cyber risk assessment and treatment techniques that can effectively pre-empt and identify significant security loopholes and weaknesses, demonstrating the business risks associated with these loopholes and providing risk treatment and prioritization strategies to effectively address the cyber-related risks, threats and vulnerabilities, ensuring appropriate levels of protection, confidentiality, integrity and privacy in alignment with the security framework.
- General Programming: Applies a computer language to communicate with computers using a set of instructions and to automate the execution of tasks.
- Intrusion Detection: The use of security analytics, including the outputs from intelligence analysis, predictive research and root cause analysis in order to search for and detect potential breaches or identify recognized indicators and warnings. Also, monitoring and collating external vulnerability reports for organizational relevance, ensuring that relevant vulnerabilities are rectified through formal change processes.
- Penetration Testing: The practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually.
- Security Controls: Manages and maintains an information system that focuses on the management of risk and the management of information systems security.
- Security Governance: The process of developing and disseminating corporate security policies, frameworks and guidelines to ensure that day-to-day business operations are guarded and well protected against risks, threats and vulnerabilities.
- Security Information & Event Management (SIEM): A set of tools and services offering real-time visibility across an organization's information security systems, and event log management that consolidates data from numerous sources.
- Security Policy Management: The process of identifying, implementing, and managing the rules and procedures that all individuals must follow when accessing and using an organization's IT assets and resources.
- Threat Analysis: Monitor intelligence-gathering and anticipate potential threats to an IT/OT systems proactively. This involves the pre-emptive analysis of potential perpetrators, anomalous activities and evidence-based knowledge and inferences on perpetrators' motivations and tactics.
- Threat Hunting: Searches through networks, endpoints, and datasets to detect and isolate cyber threats that evade existing security solutions.
- Vulnerability Management: The process of defining, identifying, classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures and providing the organization with the necessary knowledge, awareness and risk background to understand the threats to its business.
As an energy industry leader, our career opportunities fuel personal and professional growth.
LOCATION
Location: San Antonio, Texas
Additional locations:
Job Requisition ID: 00021991
Location Address: 19100 Ridgewood Pkwy
EMPLOYEE GROUP
Full time
EMPLOYEE SUBGROUP
Regular
Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, reproductive health decision-making, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws.
If you would like more information about your EEO rights as an applicant, click here.
If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at talentacquisition@marathonpetroleum.com. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation.
Marathon Petroleum offers a total rewards program which includes, but is not limited to, access to health, vision, and dental insurance, paid time off, 401k matching program, paid parental leave, and educational reimbursement. Detailed benefit information is available at https://mympcbenefits.com. The hired candidate will also be eligible for a discretionary company-sponsored annual bonus program.
Equal Opportunity Employer: Veteran / Disability
We will consider all qualified Applicants for employment, including those with arrest or conviction records, in a manner consistent with the requirements of applicable state and local laws. In reviewing criminal history in connection with a conditional offer of employment, Marathon will consider the key responsibilities of the role.
Cybersecurity Engineer Job Roles in Texas
See all 404+ Cybersecurity Engineer Jobs in Texas
Sign up for free to filter by visa type, set job alerts, and find employers with verified sponsorship history.
Search Cybersecurity Engineer Jobs in TexasCybersecurity Engineer Jobs in Texas: Frequently Asked Questions
Which companies in Texas sponsor visas for cybersecurity engineers?
Large employers with established sponsorship track records include Dell Technologies and NXP Semiconductors in Austin, AT&T and Tenet Healthcare in Dallas, Raytheon and USAA in San Antonio, and ExxonMobil and Hewlett Packard Enterprise in Houston. Federal defense contractors operating in Texas are also active sponsors, given the state's significant military and government IT infrastructure.
Which visa types are most common for cybersecurity engineer roles in Texas?
The H-1B visa is the most common visa for cybersecurity engineers in Texas, as the role qualifies as a specialty occupation requiring a bachelor's degree or higher in computer science, information security, or a related field. Some employers also sponsor L-1B visas for engineers transferring from foreign offices. Candidates with advanced research backgrounds occasionally pursue O-1A visas based on extraordinary ability.
Which cities in Texas have the most cybersecurity engineer sponsorship jobs?
Austin leads due to its concentration of technology companies and growing startup ecosystem. Dallas and its suburbs, particularly Plano and Irving, are home to major financial services and telecom employers with active sponsorship programs. San Antonio has a distinct edge from its large military and federal contractor presence, including NSA-affiliated facilities, making it one of the strongest cybersecurity hiring markets in the country.
How to find cybersecurity engineer visa sponsorship jobs in Texas?
Migrate Mate filters job listings specifically for roles where employers have a documented history of visa sponsorship, so you can focus on cybersecurity engineer positions in Texas without sorting through companies that don't sponsor. The platform is particularly useful for H-1B dependent candidates who need to identify employers actively filing LCAs for security-focused engineering roles in cities like Austin, Dallas, and San Antonio.
Are there any Texas-specific factors that affect cybersecurity engineer sponsorship?
Texas has a strong university pipeline feeding cybersecurity talent through programs at UT Austin, Texas A&M, and UT San Antonio, which is a designated National Center of Academic Excellence in Cyber Defense. The high concentration of defense and government contractors means some roles require security clearances, which can complicate sponsorship since clearances are generally not accessible to non-U.S. citizens. Commercial tech and financial services employers in Austin and Dallas tend to have fewer clearance restrictions.
What is the prevailing wage for sponsored cybersecurity engineer jobs in Texas?
U.S. employers sponsoring a visa must pay at least the prevailing wage, which is what workers in the same role, area, and experience level typically earn. The Department of Labor sets this rate to make sure companies aren't hiring foreign workers simply because they'd accept lower pay than a U.S. worker. It varies by job title, location, and experience. You can look up current prevailing wage rates for any occupation and location using the OFLC Wage Search page.