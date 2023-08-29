Responsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.
Entity:Innovation & Engineering
IT&S Group
Job Family Group:
Responsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.
Job Summary:
Job Description:
The incident response team is 24x7x365 and has team members in London, Houston and Singapore. The IR team sits within Cyber Defense and responds to digital security incidents globally for bp. The IR team is comprised of the SOC and the CERT.
The Security Operations Center (SOC) is responsible for monitoring and responding to incidents, performing initial triage and response, and escalating serious threats to members of the Cyber Emergency Response Team (CERT) and the various business entities in bp. The CERT conducts longer term technical investigations through digital forensics and other advanced techniques. The candidate must be knowledgeable about the various business segments and be able to answer, or direct to others, security-related questions covering a wide range of topics.
This is a hybrid SOC/CERT Role. As an Operational Management Lead, you will split your time by supporting both the SOC and CERT, depending on where Incident Response resources are needed.
Reporting to the Head of Incident Response, you will work as part of the global team to provide security across the enterprise that enables business activity and promotes safe and secure operations.
Key Accountabilities
Essential Education:
Bachelor's degree (e.g., Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications.
Essential Experience and Job Requirements:
Leadership and EQ
Desirable criteria
• COMPTIA Security+ / CYSA+ CASP+
• SANS Certification GSOC; GCIH; GCFA; GCFE; GCFR
• CISSP Certification and accreditation
• Certified Ethical Hacker - CEH
• Cisco Certifications (CCNA or similar)
• Similar/ higher certifications
Additional Information
bp has embarked on an ambitious plan to modernize and transform as an integrated energy company, using digital technologies to drive efficiency, effectiveness, and new business models. You will be part of the Incident Response team. Our IR team is part of our wider Cyber Defense team that is responsible for protecting bp against cyber threats. This post will be located at the UK offices in Sunbury. This role requires 60% of the work week in our local bp offices while up to 40% can be remote. This role also requires the successful candidate be on an on-call Rota several times throughout the year. At bp, we support our people to learn and grow in a diverse and challenging environment.
No travel is expected with this role
Travel Requirement
This role is not eligible for relocation
Relocation Assistance:
This position is a hybrid of office/remote working
Remote Type:
Automation system digital security, Conformance review, Consulting, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
Skills:
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with disabilities may request a reasonable accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an accommodation related to the recruitment process, please contact us to request accommodations.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.