Entity:
Technology
Job Family Group:
IT&S GroupTo enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).Are you passionate about protecting what matters most? We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.
Role Synopsis
In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with the Supply Trading and Shipping (ST&S) business areas, you will support the protection of IT systems and business data that are important to bp's energy production capabilities.You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that ST&S teams can operate with confidence, knowing their systems and processes are secure.Ready to make a real impact in energy trading security? Join us in safeguarding the people, processes and systems that power our transition to net zero!
Key Accountabilities
In this role you will deliver security activities to support the ST&S business areas. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:
- Security Assessments: We need someone that can conduct comprehensive assessments of systems, identify risks and issues while recommending appropriate remediation measures.
- Technical & Non-Technical Risk Advisory: You'll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly.
- Cyber Behaviour Promotion: We strive to build a strong cyber security culture. You'll assist with the development and promoting good cyber behaviours in day-to-day operations.
- Incident Management Support: When security incidents happen, we need you to provide specialist security expertise. You'll support incident response activities and improvement recommendations.
- Customer Support: We want you to act as the go-to point of contact for information security. You'll provide timely and accurate expertise on security matters affecting their systems or data.
You will:
- Assess and Evaluate: You'll perform regular security assessments of ST&S systems. We use established methodologies to identify potential risks, weaknesses and security gaps.
- Respond and Advise: We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements.
- Analyse and Report: You'll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences.
- Support and Collaborate: We work closely with ST&S teams to implement security measures. You'll help maintain a robust security posture while aligning with operational needs.
- Promote and Educate: We nurture positive cyber security behaviours! You'll work within P&O teams through targeted awareness activities, training support, and expert guidance.
- Monitor and Review: We want someone who understands the security landscape affecting ST&S systems and stay ahead of emerging threats and industry standard methodologies.
Education
- Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.
- Working towards professional certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
- Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework.
Desirable Experience And Capability
- Previous track record in information security roles, preferably with some exposure to trading technology (OT) or financial regulated environments.
- Ability to explain security concepts to a variety of audiences in the ST&S domain.
- Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.
- Attention to detail and ability to work independently while balancing multiple activities.
- Ability to adapt security recommendations to different operating environments.
- Ability to use technology, data, and insights to enable decision making.
Travel Requirement
Up to 10% travel should be expected with this role
Relocation Assistance:
This role is eligible for relocation within country
Remote Type:
This position is a hybrid of office/remote working
Skills:
Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
