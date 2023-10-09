This role is not eligible for relocation

Job summary

Entity:

Innovation & Engineering



Job Family Group:

IT&S Group



Job Summary:

Responsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders.Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.



Job Description:

The Role:

Being part of Digital Security, part of the Innovation and Engineering entity in bp, the business partner security team provides supplier information security due diligence. This includes assessing our suppliers against our information security requirements to get a view of our cyber exposure risk, and contract negotiation support to procurement for the information security requirements in the contracting process. The team also provides training and awareness to procurement and the business as well as some governance support. The Business Partner Security Lead will report to the BPS & Reporting Principal and will be based in Kuala Lumpur (KL).



Key responsibilities:

Building relationships with our customers, establishing, and growing the local team and will be working collaboratively and effectively with the wider BPS team based in the UK to own the operational management of the BPS products and services

Working with the bp businesses to support supplier engagements, handling security assessments

Understanding and articulating third party risk to enable risk reduction, prioritizing workload, team training, and driving enhancements to business as usual (BAU) operations

Supervising the conduct and quality of supplier assessments

Managing key relationships with procurement, legal and the wider bp businesses

Organizing and prioritizing work activity and ensure it is appropriately resourced within the team

Driving and supporting risk remediation activities that reduce bp’s cyber risk exposure

Engaging in supplier contract negotiations to embed information security requirements within supplier contractual agreements

As part of a monitoring and response capability, providing input into governance by way of action plans that drive remediation of vulnerabilities

Developing and producing regular reporting against KPIs and SLAs and gathering additional data sources and feeds for better visibility of supplier risk

Utilising data, analytics and reporting to measure and drive effective risk reduction activities

Developing and maintaining a roadmap for business partner security technologies and processes

Serve as a technical leader and expert in the team providing guidance and mentoring to less experienced team members.

Key requirements:

Experience of supplier risk and assurance across multiple supplier types and services

Strong stakeholder management experience

Strong customer service background and experience

Team leadership and management experience

Experience with business partner vulnerability monitoring tools

Experience working in an agile environment

Demonstrable experience driving business process improvements

Analytical with strong attention to detail

Consultative and collaborative working style creating a culture of accountability and knowledge.

Ability to deal with ambiguity and identify solutions

Education / training

Information security or risk industry accreditation (e.g., CISM, CISA, CISSP, CIRM) or membership of a professional body (e.g., IISP)

Degree level qualification (although it’s not essential)

At bp, we provide the following work environment & benefits

A company culture where we respect our diverse teams and are proud of our achievements

Possibility to join social communities and networks

Learning and development opportunities to craft your career path

Life & health insurance, medical care package

And many others benefits!

We are an equal opportunity employer and value diversity. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.



Relocation Assistance:

This role is not eligible for relocation



Remote Type:

This position is a hybrid of office/remote working



Skills:

Automation system digital security, Conformance review, Consulting, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism



Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with disabilities may request a reasonable accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an accommodation related to the recruitment process, please contact us to request accommodations.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.