Information Security Specialist

About bp

Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Job Description:

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Are you passionate about protecting what matters most We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.

We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with the Production and Operations (P&O) and Gas and Low Carbon Energy (GLCE) business areas, you will support the protection of IT systems and business data that are important to bp's energy production capabilities.

You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that P&O teams can operate with confidence, knowing their systems and processes are secure.

Ready to make a real impact in energy security Join us in safeguarding the people, processes and systems that power our transition to net zero!

Key Accountabilities

In this role you will deliver security activities to support the P&O and G&LCE business areas. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:

• Security Assessments: We need someone that can conduct comprehensive assessments of systems, identifying risks and issues while recommending appropriate remediation measures.
• Technical & Non-Technical Risk Advisory: You'll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly.
• Cyber Behaviour Promotion: We strive to build a strong cyber security culture. You'll assist with the development and promoting good cyber behaviours in day-to-day operations.
• Incident Management Support: When security incidents happen, we need you to provide specialist security expertise. You'll support incident response activities and improvement recommendations.
• Customer Support: We want you to act as the go-to point of contact for information security. You'll provide timely and accurate expertise on security matters affecting their systems or data.

You will:

• Assess and Evaluate: You'll perform regular security assessments of P&O and GL&CE systems. We use established methodologies to identify potential risks, weaknesses and security gaps.
• Respond and Advise: We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements.
• Analyze and Report: You'll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences.
• Support and Collaborate: We work closely with P&O teams to implement security measures. You'll help maintain robust security posture while aligning with operational needs.
• Promote and Educate: We nurture positive cyber security behaviours! You'll work within P&O teams through targeted awareness activities, training support, and expert guidance.
• Monitor and Review: We want someone who understands the security landscape affecting P&O systems and stay ahead of emerging threats and industry standard methodologies.

Education

• Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.
• Working towards professional certifications such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
• Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework.

Desirable Experience and Capability

• Previous track record in information security roles, preferably with some exposure to operational technology (OT) or industrial control systems environments.
• Ability to explain security concepts to a variety of audiences in the P&O domain.
• Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.
• Attention to detail and ability to work independently while balancing multiple activities.
• Ability to adapt security recommendations to different operating environments.
• Ability to use technology, data, and insights to enable decision making.

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.