Information Security Specialist

To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).

Are you passionate about protecting what matters most? We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.

We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.

Role Synopsis

In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of a Global Information Security Specialist has never been more critical. Working closely with bp's business areas, you will support the protection of IT systems and business data that are important to bp's operations.

You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that business teams can operate with confidence, knowing their systems and processes are secure.

Ready to make a real impact in energy security? Join us in safeguarding the people, processes and systems that power our transition to net zero!

Key Accountabilities

In this role you will deliver security activities to support bp's business. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:

• Security Assessments

  : We need someone that can conduct comprehensive assessments of systems, identifying risks and issues while recommending appropriate remediation measures.

• Technical & Non-Technical Risk Advisory

  : You'll assess and communicate cybersecurity risks. We want our customers to understand potential impacts and mitigation strategies clearly.

• Cyber Behaviour Promotion

  : We strive to build a strong cyber security culture. You'll assist with the development and promoting good cyber behaviours in day-to-day operations.

• Incident Management Support

  : When security incidents happen, we need you to provide specialist security expertise. You'll support incident response activities and improvement recommendations.

• Customer Support

  : We want you to act as the go-to point of contact for information security. You'll provide timely and accurate expertise on security matters affecting their systems or data.

You will:

• Assess and Evaluate

  : You'll perform regular security assessments of business systems. We use established methodologies to identify potential risks, weaknesses and security gaps.

• Respond and Advise

  : We require someone who can offer our customers practical and tailored cyber security solutions. These solutions must align with operational requirements.

• Analyze and Report

  : You'll evaluate risks and prepare clear, actionable recommendations, and communicate these with both business and technical audiences.

• Support and Collaborate

  : We work closely with business teams to implement security measures. You'll help maintain robust security posture while aligning with operational needs.

• Promote and Educate

  : We nurture positive cyber security behaviours! You'll work through targeted awareness activities, training support, and expert guidance.

• Monitor and Review

  : We want someone who understands the security landscape affecting bp systems and stay ahead of emerging threats and industry standard methodologies.

Education

• Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.
• Working towards professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
• Knowledge of security frameworks such as ISO 27001/2, NIST, and CIS framework.

Desirable Experience and Capability

• Previous track record in information security roles in Finance, HR, Trading, Retail, Supply or Oil and Gas companies.
• Ability to explain security concepts to a variety of audiences.
• Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.
• Attention to detail and ability to work independently while balancing multiple activities.
• Ability to adapt security recommendations to different operating environments.
• Ability to use technology, data, and insights to enable decision making.