Overview
bp Sunbury-On-Thames, England, United Kingdom
Job Title: Information Security Lead
Entity: Technology
Job Family Group: IT&S Group
bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!
To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).
We’re looking for curious minds who are driven by opportunities to build value and deliver secure digital products and services to advance the global energy transition.
Role Synopsis
In the digital era, where data breaches and cyber threats are realities, the role of an Information Security Lead has never been more critical. Our partnership with the business is essential to ensuring the confidentiality, integrity, and availability of an organisation's data and information systems. You will offer insights that influence the development and deployment of secure, resilient solutions and services. Your expertise enables teams to innovate with confidence, knowing their solutions align with the highest standards of data protection and regulatory compliance.
Key Accountabilities
* Relationship and Customer management: Act as the main point of contact for all Digital Security enquiries within the relevant business portfolio. Build strong partnerships and influence positive change that serves the commercial ambitions.
* Security Expertise: Provide technical expertise, implementing digital security operating processes aligned to security standards across all value stream activities.
* Safety: Prioritize cyber and operational safety, improve digital security controls through architecture designs and processes to maintain our cyber posture and react to new threats.
You will
* Monitor and Assess: Keep a vigilant eye on our digital domains, using innovative tools to detect and assess threats. This includes collaborating on the identification, assessment and management of risk.
* Strategize and Protect: Develop and implement robust security measures, crafting a secure environment for our data and systems.
* Respond and Recover: Partner with customers during security incidents with a calm, calculated approach, minimising impact and guiding recovery efforts.
* Educate and Advocate: Champion security awareness across the organisation, encouraging vigilance and responsibility.
* Innovate and Guide: Provide strategic insights to teams, ensuring security is a cornerstone of product development and business operations.
* Protect & Defend: Proactively mitigate cyber risks and coordinate the remediation of findings from vulnerability scans, supplier assurance, and compliance reviews, supporting the digital Delivery teams in maintaining high levels of cyber hygiene.
Education
* Degree educated, preferably BSc in Information Security or equivalent.
* Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or working towards certification.
* Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework is highly advantageous.
Desirable Experience And Capability
* Previous track record in similar roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies.
* Strong influencing skills to communicate technical information to both technical and non-technical audiences.
* Deep technical knowledge and experience delivering security solutions and providing technical advice.
* Proven ability to deliver business benefits by balancing protection of the organization's commercial aims with operations of core value streams.
* Experience working within developing digital ecosystems with multiple partners and environments, ensuring suitable digital security standards and practices.
* Good understanding of enterprise and operational risk management, risk governance and compliance requirements.
* Excellent project management skills, with the ability to lead multiple projects simultaneously.
* Able to adapt to shifting priorities, demands, and timelines and keep customers informed of impacts to delivery timescales and business impact.
* Ability to use technology, data, and insights to enable decision making.
Additional Information
* We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
* Travel Requirement: No travel is expected with this role
* Relocation Assistance: This role is not eligible for relocation
* Remote Type: This position is a hybrid of office/remote working
* Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
* Legal Disclaimer: We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment related to bp’s recruiting process. If you would like to request an adjustment related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
#J-18808-Ljbffr