Date: 2024-07-25

Up to 10% travel should be expected with this role

Reporting to the VP Cyber Defense, the Global SOC (Security Operations Centre) Lead is a significant leadership position with the digital security organization and will have responsibility for the management and development of a global team of security analysts working in bp’s security operations centre. The SOC currently consists of mature operations located in the US (Houston, Texas) and in the UK (London/Sunbury), as well as a new location, currently starting up in Malaysia (Kuala Lumpur).

In addition to managing the SOC analysts, the Global SOC Lead will also be responsible for providing thought leadership with respect to security operations; driving and improving operational discipline within the SOC; identifying opportunities to better protect bp and drive further efficiency within the SOC; as well as participating fully as a member of the bp digital security Cyber Defence leadership team.

Manage the Global SOC Team

Lead the professional development of the SOC analysts, including assessing skill levels and guiding professional development within the team

Coordinate activities across the bp SOC locations, working closely with the local SOC leads

Manage the financial aspects of the SOC operations, including operating expenses and any required project investments or refresh of the physical kit or solutions within the SOC

Direct the engagement and interfaces with other digital security teams, including Threat Intelligence; SOC; Defence Analytics and Integration; and Security Data Services – among others

Drive and Maintain Operational Discipline

Improve the operational maturity of the current SOC operations against industry standards (e.g., NIST 2.0)

Identify opportunities to continuously improve operational discipline within the SOC

Maintain and improve upon the delivery against established key performance indicators (KPIs); as well as identify additional KPIs to drive further excellence within the team

Incident and Case Creation and Tracking

Ensure all identified events are promptly recorded, validated and thoroughly investigated

Review and assess the accuracy of incident documentation

Ensure consistency of documentation across SOC locations

Seek opportunities to further leverage incident templates and automation, where appropriate, to drive efficiency and quality improvements

Stakeholder Management and Engagement

Serve as a visible leader for digital security, including providing education and learning through participation in context-based tours, presentations and events within bp and externally, where appropriate

Participate in the management of major incidents, including serving as a digital security representative on incident management teams and/or business support teams, when necessary

Maintain and grow key relationships with local regulatory and/or law enforcement stakeholders

Intelligence Sharing

Remain current on cyber security trends and intelligence (both open-source and commercial) and encourage intelligence-led thinking across the SOC team, working closely with the digital security Threat Intelligence team

Support SOC leads and their analysts in the further development of intelligence-led methodologies, practice and threat hunting

Documentation and Procedures

Accountable for data accuracy with respect to both the quality of documentation for, and the metrics associated with, cyber incidents

Oversee documentation owned by the team including but not limited to Standard Operating Procedures (SOPs) and Use Cases

Support the SOC leads in devising and documenting new procedures, as appropriate

Improve and develop new content based on observed and measured SOC activity

Work with engineers within digital security to implement new or enhanced capabilities, ensuring all SOC analysts are briefed and trained as required

Essential Experience and Education:

Bachelor’s degree in Computer Science, Business Administration or equivalent educational or professional experience and/or qualifications.

Advanced cyber qualifications/certifications

10 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection and IT infrastructure management

Prior hands-on SOC experience, both in analyst and leadership roles

Hands-on experience with security information and event management (SIEM) technologies, security orchestration, automation, and response (SOAR) solutions; vulnerability management processes, and/or cloud-native application protection platform (CNAPP) technologies

Excellent written and oral communication skills

Self-motivated to improve knowledge and skills

Demonstrated ability to engage with senior leadership, both internal and external to the organization

Detail oriented, with a strong desire to drive improvements regarding the “what” as well as the “why” and the “how” of security incidents

A passion for leading and growing the capabilities of global teams; as well as for embracing/leveraging diverse perspectives and cultures within a team to achieve greater results

Demonstrable ability to think beyond the immediate situation and use critical thinking, context and judgment in the analysis of complex data sets, threat intelligence, and security events

Ability to work under pressure and in crisis situations while maintaining a high degree of professionalism and leadership when engaging the SOC team and internal/external stakeholders

Ability to lead large teams in the adoption of new technologies and processes in a rapidly changing environment

At bp, we support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. bp is committed to encouraging an inclusive environment in which everyone is respected and treated fairly. There are many aspects of our employees’ lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, a generous paid parental leave policy, excellent retirement benefits, and more!



This role is not eligible for relocation



This position is a hybrid of office/remote working



