Job
Description
Grade FResponsible for delivering information security and risk activities for the specialism, using highly advanced technical capabilities to contribute to strategic development by defining and implementing processes and procedures, resolving complex, high-risk security issues, evaluating and amending solutions and developing trusted relationships that improve the knowledge and capability within the specialism. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Entity: Technology IT&S Group Job Description: You will work with This role connects digital security with C&P business teams, advising on cyber, compliance, risk management, data loss prevention and focusing on customer data risk. They strategically integrate cybersecurity into new initiatives and technology roadmaps and tactically support incident management. This role is a senior level leader reporting directly to the SVP of Digital Security and is part of the Digital Security Leadership Team. Let me tell you about the role As an Information Security Principal, you will collaborate across digital security and various business units. As the trusted cyber security advisor to the Customer and Products (C&P) business, you ll embed cyber security in everything we do from our customer interactions to our product offerings. You will align security controls with business objectives and regulatory requirements by executing our cyber security strategy to stated risk tolerances. This role requires a deep understanding of both cyber security, IT, and business operations across diverse markets, each with unique security challenges and regulatory landscapes. Youll lead a team of cyber experts and manage digital security across the portfolio. What you will deliver Business outcomes: Collaborate with business units to identify and address cyber security risks and vulnerabilities. Develop and implement security policies, procedures, and guidelines that align with business goals. Security Expertise: Provide technical expertise in Information Security, implementing operating processes and ensuring alignment to security standards across all activities including regulatory compliance. Incident Management: Coordinate incident response efforts and manage communication with affected business units. Team Leadership: Lead, coach, and develop a resilient team, aligning with Technology vision and strategy, fostering a culture of continuous improvement and career progression. Relationship Management: Act as the main point of contact for information security for your area of accountability, building strong partnerships and influencing positive change. Safety: Prioritize operational safety, enhancing digital security through architecture, designs, and processes. What you will need to be successful (experience and qualifications) Education: Tertiary level education or equivalent work experience. Certifications: Relevant certifications such as CISSP, CISM, or CISA are desirable. Experience: Significant experience in internal or external information security and risk roles Strong understanding of cyber security frameworks, standards, and best practices Significant experience in IT operational processes, delivery, and operations Experience working with customer-facing and regional businesses - such as aviation, retail and/or convenience and emerging markets Experience working in a large enterprise environment Technical knowledge in delivering security solutions and leading security processes Consistent track record in forming effective partnerships with the business and collaborative management Leadership and EQ: Experience working in globally distributed teams with ability to work asynchronously Effectively influence and act as change agent for the front line and leadership Cultivate positive team morale and empower team members Demonstrate strong leadership, uphold BPs code of conduct and values Promote a culture of change, agility, and open communication Stay up-to-date with the latest cyber security trends, threats, and technologies About bp bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future! We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Travel Requirement Negligible travel should be expected with this role Relocation Assistance: This role is eligible for relocation within country Remote Type: This position is a hybrid of office/remote working Skills:
