Clear and accurate description of the role i.e. business context, why the job exists, purpose of the role. The Role Synopsis is a brief statement to determine:
- The job and its purpose – Why does the job exist?
- Desired strategic outcome of the position – What is the job intended to achieve?
- Where the job fits into the organisation’s goals – What impact does the role have on bp’s business?
Exactly what the position is required for – How does it impact bp’s business?
Digital Customers & Markets (DCM) works with customers & products (C&P), gas & low carbon energy (G&LCE), trading & shipping (T&S) and regions, cities & solutions (RC&S), and focus on enabling and delivering amazing customer experiences that generate value for bp in current and new markets.
DCM Intelligent operations (IO) bridges the gap between bp’s physical and digital worlds to release value and enable world-class operations through deployment of new and emerging digital solutions. Our SMEs and partners work closely with our business units to ensure safe, efficient, and optimized operations and great customer experiences.
At DCM IO we have embarked on a very exciting journey with a pipeline of leading-edge programmes of work in the field of automation, Internet of Things (IoT) and Edge Vision to name a few. We are building platforms for the future and products focused on these technologies and more. We plan to build a Centre Of Excellence (COE) in Pune that will build and house essential digital capabilities, innovative solutions, toolsets required to deliver products for our customers thereby driving bp’s digital agenda.
Information Security Engineering Specialist will lead changes to security processes and procedures, review complex security issues and oversee security solutions from identification to implementation. You will be responsible for delivering information security and risk activities for DCM IO.
- Design and develop security solutions to work across BP IT environments that are consistent with current policy; You will drive the implementation and application of relevant operating processes and procedures, and ensure all activities follow relevant standards.
- Represent the Security Engineering chapter and assist other teams in operating as well as producing products that are secure by design and choice.
- Help teams deliver secure solutions using security skills and displaying a flexible agile approach by embracing emerging technologies.
- Support project delivery, collaboratively identify key challenges and ensure that security solutions protect BP against cyber risks. You will work various squads and other teams to align and optimize Digital security & risk related activities
- Optimising current solutions to leverage innovations and improvements.
- Work with partners, vendors to evaluate and certify edge devices and other components in the IoT eco system that require digital security approval. You will drive and define standards for the edge devices digital security.
- Deliver innovation using past engineering experience to create and deliver solutions.
- Use an appreciation of the DevSecOps philosophy of bringing culture, automation, lean, measurement and sharing into security.
- Empower delivery team resources by promoting application security awareness and standards through training, mentoring, and communities of best practice.
- Support and lead on security incidents.
- Influence delivery teams in the prioritisation of security activities and risk remediation.
Evaluate and recommend new and emerging application security products and technologies
Years of experience: 8-10 years, with a minimum of 4-6 years of relevant experience.
- Experience in delivering security solutions including providing technical advice and overseeing security processes for the specialism.
- Exposure to vulnerability and penetration testing methods.
- A strong understanding of information and cyber security principles and best practices.
- Provide consultative guidance to customers on findings identified in a clear and actionable fashion both in writing and verbally
- Exposure to vulnerability and penetration testing methods
- Cloud technology experience with AWS & Azure.
- Experience in Performing Internal Penetration Tests
- Experience with working with customers and vendors to meet requirements, building features and deploying them to enable the business to be more secure.
- Experience in Incident Management, Problem Management, Relationship Management, Security Administration
- A good working knowledge of Agile practices, ability to demonstrate agile ways of working (agile ceremonies, backlog prioritization)
- Experience in security testing , evaluating Edge devices
- knowledge of threat protection technologies like ATP and anti malware tools. (preferably MS Defender ATP and Crowdstrike).
- Experience in AWS/Azure IOT services
- Consulting / transformation experience in operating model design, sourcing strategy and digital enablement
- Experience across the product development lifecycle with agile and devops practices