Innovation & Engineering



IT&S Group



The cyber incident management team is part of the broader bp Cyber Defense team and supports the management and resolution of cybersecurity incidents, particularly those resulting in a business impacted. The team has accountability for incidents globally and has team members in London, Pune, and Kuala Lumpur. In managing cybersecurity incidents the team works very closely with bp’s security operations center (SOC) and cyber emergency response team (CERT).As a member of the CIM team, you will be accountable for coordinate with bp business during a cybersecurity incident, helping to assess the potential business impact and risk associated with the incident. You will provide guidance and support to front-line business personnel during a cyber incident and support the remediation, return to business as usual operations, and lessons learned review associated with business-impacting cybersecurity incidents.In addition to supporting cyber incident management activities, you will be responsible for supporting requests to analyze cyber incident trends and identifying contributing behaviors to cyber incidents for different bp businesses. You will also be call upon to support cyber incident exercises and/or table top exercises conducted by different bp businesses.Reporting to the Head of Cyber Incident Management, you will work as part of the global team to enhance our security response across the enterprise and promote safe and secure operations within bp.



Participate as cyber representative on incident management teams; serve as the primary interface to the security operations center and cyber emergency response teams

Assess the business impacts of a cyber event, whether safety, reputational, regulatory, or commercial in nature

Provide incident context for any breach, regulatory notification, or sensitive user behavior event - in support of internal bp legal and business integrity teams

Support the return to normal operations following a cyber event

Drive adoption of cyber improvements, to further protect the bp business

Assess and manage the role of suppliers in a cyber incident and coordinate with bp supplier security team

Ensure bp Information Security policies and standards are adhered to

Where appropriate, support the Information Security Assessment process for applicable suppliers and assist the business with information security self-assessments

Bachelor's degree (e.g., Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications.

Experience with incident and/or problem management, with a preference for experience with cybersecurity incident management.

Previous experience with information security, plus one or more of the following would be highly advantageous: Knowledge of ISO27001, understanding of good practice security industry standards Certification such as CISSP, CISM, CRISC or willingness to work toward these

Solid understanding of digital and cyber risks, coupled with the ability to translate these into business language

Strong problem-solving skills as applied to technical solutions

Good eye for business and/or customer management skills

Solid ability to influence, lead and direct internal and external partners

Ability to communicate effectively and document investigative findings in a clear and concise manner

Prior experience conducting root cause analysis investigations to present lessons learned and implement process and control improvements

Leadership and EQ

You embrace a culture of change and agility, evolving continuously, adapting to our changing world.

You are an effective team player, looking beyond your own area/organizational boundaries to consider the bigger picture and/or perspective of others, while understanding cultural differences

You continually enhance your self-awareness and seek input from others on your impact and effectiveness

Well organized, you balance proactive and reactive approaches and multiple priorities to complete tasks on time

You apply judgment and common sense – you use insight and good judgment to inform actions and respond to situations as they arise

You comply with BP's Code of Conduct and demonstrate strong leadership through BP's Leadership Expectations and Values & Behaviours

CISSP Certification and accreditation

Similar/ higher certifications

5-Why’s / Root Cause Analysis Training

At bp, we support our people to learn and grow in a diverse and challenging environment. We believe that our team is strengthened by diversity. We are committed to fostering an inclusive environment in which everyone is respected and treated fairly. There are many aspects of our employees’ lives that are meaningful, so we offer benefits to enable your work to fit with your life! These benefits can include flexible working options, paid parental leave policy among others!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.



Up to 10% travel should be expected with this role



This role is not eligible for relocation



This position is a hybrid of office/remote working



We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with disabilities may request a reasonable accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an accommodation related to the recruitment process, please contact us to request accommodations.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.