1. Home
  2. Careers
  3. Jobs at bp
  4. Information Security Engineering Specialist

Information Security Engineering Specialist

Information Security Engineering Specialist

  • Location India - Maharashtra - Pune
  • Travel required No
  • Job category IT&S Group
  • Relocation available Yes - Domestic (In country) only
  • Job type Professionals
  • Job code 135686BR
  • Experience level Intermediate
Apply Search all jobs at bp

Job summary

Grade H Responsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

Job Profile Summary
BP has embarked on an ambitious plan to modernize and transform using digital technologies to drive efficiency, effectiveness, and new business models. You will be responsible for delivering information security and risk activities for GRC Platforms. Using advanced technical and business process capabilities, you will lead changes to Compliance and Risk processes and procedures, use leading edge GRC technologies to transform the digital GRC landscape and be seen as a SME in using the GRC technology.
You will see that we follow policies, standards and best practices and provide technical expertise to internal and external stakeholders. It’s a chance to operate in a dynamic and delivery-focused environment, with the resources of one of the world's most forward-thinking IT departments and leading IT vendors at your fingertips.

  • Responsible for architecting, designing, and developing GRC solutions using platforms like ServiceNow Integrated Risk Management and SAP Governance Risk and Compliance Process Controls
  • Design, implement, and onboard Automated Business Controls and IT Controls in ServiceNow IRM
  • Liaise with the Legal and Regulation teams to understand technical and business challenges in maintaining Compliance Posture across the Organization and provide a sustainable solution to remediate and mitigate them using GRC Technologies.
  • Work as a Subject Matter Expert in GRC Technologies and Support development and training of developers and consultants within bp in support of wider technology adoption and bp digitalization journey.
  • Contribute to ideas for automation, continual improvement, and simplification of GRC Processes.
  • Recommend opportunities to reuse existing solutions for new compliance use cases.
Essential Experience and Job Requirements
  • A strong understanding of information and cyber security principles and best practices.
  • Risk and Compliance specialist with focus on legal and regulatory requirements like SOX, PCI-DSS, GDPR.
  • Demonstrable experience with SAP GRC especially CCM for business and IT controls.
  • Deep operational knowledge of GRC platforms esp. SNOW IRM, SAP GRC
  • Strong technical expertise and able to present as a business focused SME regarding SOX compliance
  • Contributes to the development of organisational strategies that address control & assurance requirements
  • Ability to work with 1st and 3rd line of Défense with equal ease and competence
  • Actively monitors for, and seeks, opportunities, new methods, trends, capabilities, and products to the advancement of the organisation.
  • Strong understanding of IT controls especially in the ERP stack
  • Basic experience of automation technologies using RPA, Celonis etc.
  • Self-managed and self-motivated individual with a high degree of competence in Information security discipline
  • Encourages and motivates colleagues to share creative ideas and learn from failures.
  • Evaluate and recommend new and emerging application security products esp. SAP
  • Drive adoption of new tools and techniques with an understanding of their value and impact.
  • Keep technical skills up to date and keep track of new technologies, understanding how they might benefit the Technology team and wider bp
  • Must have experience with SAP GRC, SNOW IRM, Azure DevOps ,
  • Be able to create, maintain and drive a Product Roadmap with customers and vendors.
  • Basic understanding of Cloud technologies and its impact on compliance posture for the company

BP has embarked on an ambitious plan to modernize and transform using digital technologies to drive efficiency, effectiveness, and new business models. You will be responsible for delivering information security and risk activities for GRC Platforms. Using advanced technical and business process capabilities, you will lead changes to Compliance and Risk processes and procedures, use leading edge GRC technologies to transform the digital GRC landscape and be seen as a SME in using the GRC technology.
You will see that we follow policies, standards and best practices and provide technical expertise to internal and external stakeholders. It’s a chance to operate in a dynamic and delivery-focused environment, with the resources of one of the world's most forward-thinking IT departments and leading IT vendors at your fingertips.

Apply Search all jobs at bp