Job summary

Responsible for designing and delivering strategic security management programmes that are targeted to add value, thereby contributing to best-in-class security and business performance whilst ensuring compliance with the applicable regulatory requirements, in order to strengthen safe, reliable and compliant operations across BP.

Cyber Assurance Lead

Our expertise in safety & operational risk management to eliminate catastrophic safety events - both physical and digital. As part of the S&ORA team, you will provide leadership and guidance across bp digital entities through independent assurance activities and act as an advisor/partner to stakeholders in managing and reducing cyber risk across the company.



Key Accountabilities:

Conduct independent assurance to identify gaps and weaknesses in security controls, generate insights, and develop pragmatic recommendations based on risk.

Monitor and support stakeholders in closing gaps and intervene as necessary.

Test the organization's conformance to its cyber risk requirements and ensure adherence to policies, standards and best practices, provide technical expertise to stakeholders.

Develop and maintain internal and external stakeholder relationships and be able to influence when not in a position of formal authority.

Champion a strong cyber culture internally within S&ORA through cyber awareness initiatives, reporting on cyber related performance metrics and collaborate widely across the company to promote strong cyber behavior. Collaborate with other S&ORA team members, stakeholders in digital teams and businesses, and internal audit in managing risks within bp's cyber landscape Support the lead cyber authority develop assurance strategy and implementation plan.



Essential Education:

Tertiary level education Preferred qualification:

One of the following: CISSP, CISA, CISM, CRIS

Essential Experience:

Minimum of 7 years of relevant work experience in either an internal or external information security role

Technical expertise in information security risk assessment or information security project advisory/assessment or information security auditing

Good stakeholder management experience

Good interpersonal and communication skills

Team player who is willing to speak up and share

Ability to think outside the box and provide pragmatic advice/recommendations

Self-aware and able to recognize and manage your impact on others

Reporting to the Lead Cyber Authority you will be part of a central team collaborating with team members across various operating risk management disciplines

Be a member of Cyber Ambassador network to promote good cyber behavior within S&ORA Key Stakeholders

Digital security team - other digital teams - joint venture teams - ISC (Intelligence, Security & Crisis Management) Team - internal audit team



As the S&ORA team, we act as the conscience of bp by intervening, where necessary, and provide pragmatic recommendations to reduce safety & operational risks.