Search by job, company or skills

bp

Information security engineering specialist

bp
Pune, India
5-7 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted a month ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Job Description

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Are you passionate about protecting what matters most We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.

We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of an Information Security Engineering Specialist has never been more critical. Working closely with bp's business areas, you will support the protection of IT systems and business data that are important to bp's operations - while upholding compliance and Zero Trust principles.

You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that business teams can operate with confidence, knowing their systems and processes are secure.

Ready to make a real impact in energy security Join us in safeguarding the people, processes and systems that power our transition to net zero!

Key Accountabilities

In this role you will deliver security activities to support bp's business. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:

Microsoft 365 Security

  • Architect, configure and maintain security controls across the Microsoft 365 suite (Exchange Online, SharePoint, OneDrive, Teams, Entra ID).
  • Implement and optimize Microsoft Purview (DLP, Information Protection, eDiscovery, Insider Risk) and Defender suite (MDE, MDO, MDI, MDA).
  • Develop and enforce Conditional Access, MFA and identity governance policies.

Generative AI Security

  • Define and implement security guardrails for Microsoft Copilot, Azure OpenAI and other GenAI platforms.
  • Establish secure prompt-handling guidelines, data access controls and AI usage policies.
  • Conduct risk assessments for AI integrations and ensure regulatory compliance (e.g., GDPR, ISO 27001).

Modern Device Management Security

  • Strong knowledge and practical exposure to security baselines and compliance policies of Intune (Windows, macOS, iOS, Android) and Workspace One.
  • Deploy device encryption, endpoint protection and secure application delivery.
  • Monitor, investigate and remediate endpoint security threats.

Threat Detection & Response

  • Monitor and respond to incidents using Microsoft Sentinel and other SIEM/SOAR tools.
  • Conduct proactive threat hunting and vulnerability management (Qualys, Wiz).
  • Lead security incident response activities for M365, AI services and endpoints.

Governance & Compliance

  • Maintain security posture reviews and audit readiness for M365, AI tools and MDM platforms.
  • Align controls with NIST CSF, CIS Benchmarks and Zero Trust frameworks.
  • Collaborate with compliance teams to meet legal and regulatory obligations.
  • Assess and communicate cybersecurity risks for their potential impacts and mitigation strategies to our customers.
  • Assist with the development and promoting good cyber behaviors in day-to-day operations to build strong cyber security culture across the organization.

Automation & Continuous Improvement

  • Develop security automation using PowerShell, Python, bash, Graph API, or similar tools.
  • Track emerging M365, AI and MDM features and proactively assess security impact.

Education

  • Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.
  • Working towards professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
  • Knowledge of security frameworks such as ISO 27001/2, NIST and CIS framework.

Desirable Experience And Capability

  • 5+ years in Information Security engineering, with strong hands-on expertise in:

Microsoft 365 security administration (Entra ID, Defender, Purview).

Modern Device Management (Intune, Jamf, Windows Autopilot).

Generative AI security and governance.

  • Deep knowledge of identity protection, Zero Trust and cloud security models.
  • Proficiency in security scripting/automation (PowerShell, Python, bash).
  • Incident response, forensics and vulnerability remediation experience.
  • Strong understanding of regulatory compliance (GDPR, ISO 27001, NIST, CIS).
  • Ability to explain security concepts to a variety of audiences.
  • Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.
  • Ability to use technology, data, and insights to enable decision making.

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Information Security
Employment Type:
Full time

About Company

bp

Job ID: 132141877

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 14-12-2025 01:53:40 AM
Homejobs in PuneInformation security engineering specialist

Similar Jobs

Information Security Engineering Specialist

bp