Information Security Specialist

Grade H - Office/ CoreResponsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security. Technology IT&S Group You will work with

• Provide guidance to delivery team on specifics of PCI requirements, as relevant to the Channel of trade and local legislation.
• Support delivery teams to design enhancements to existing payment systems and services to maintain an appropriate level of security and compliance.
• Support delivery teams to design, build and operate new innovative IT solutions that incorporate appropriate levels of security and meet compliance requirements.
• Provide advice on appropriate PCI testing programs.
• Work with an appointed QSA & central Digital Security team to co-ordinate relevant input into the yearly audit process.
• Ensure PCI compliance issues are understood and have agreed remediation plans.
• Report on PCI compliance activity and status to broader Security & Compliance teams.
• Conduct PCI Awareness training sessions and champion PCI as an enabler to safe, secure, and compliant payment channels across bp s customer offers.
• Identify and manage any new emerging requirements.
• Highlight and deliver continuous improvement initiatives, with a focus on how we can use AI and automation to improve effectiveness and efficiency of controls

• Similar experience supporting global IT teams to understand, implement and maintain relevant security controls to meet PCI compliance. Ideally gained within a large-scale global organization supporting retail businesses
• Deep understanding of global PCI requirements and practical experience of implementing security controls to achieve them.
• Have delivered compliance, audit or testing programs previously.
• Experience forming effective and collaborative partnerships with other digital teams & stakeholders

• You are a Certified Information Security Manager (CISM) with 8+ years of Security Experience.
• Either a Payment Card Industry Professional (PCIP) or Payment Card Industry Internal Security Assessor (PCI ISA).
• Have excellent stakeholder and problem management skills.

Up to 10% travel should be expected with this role This role is eligible for relocation within country This position is a hybrid of office/remote working Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism