1. Home
  2. Careers
  3. Jobs at bp
  4. Information Security Specialist

Information Security Specialist

Information Security Specialist

  • Location Malaysia - Central - Kuala Lumpur
  • Travel required No
  • Job category IT&S Group
  • Relocation available No
  • Job type Professionals
  • Job code 129716BR
  • Experience level Intermediate
Apply Search all jobs at bp

Job summary

The Business Entitlement Engineering team are a team of security technology experts providing core engineering capabilities in access design, build, testing, operation, and ongoing innovation. You will need to solve business challenges and deliver secure access and authorization to protect bp applications.

The Information Security Engineering specialists will be responsible for providing security solutions that protect bp’s applications from unauthorized access and also adhere to strict compliance standards and audit requirements.

The primary activities that are required are as follows:

  • Working in the Business Entitlement Engineering space to assist in analysing and providing guidance on enterprise roles across the entire application landscape.
  • Maintaining Access Controls for bp roles and users of applications based on the IAM framework and Enterprise Role Management governance process.
  • Ability to work across multiple security disciplines in the Access and Identity space acting as a subject matter expert and a business analyst based on standard developed bp designed patterns.
  • A good working knowledge of SAP and non-SAP applications security, with the knowledge of how to design role based access control and attribute based access control models.
  • The ability to manage multiple security related activities at any time across a multitude of different areas, working against challenging timelines.
  • Appreciation of B2E, B2B, B2C and system user types and their related life cycles.
  • Understanding of Cloud IAM, IoT, Robotic Based Automation and best of bread Cloud based Enterprise Applications.
  • Understanding of multifactor authentication, Microsoft Active Directory, Azure Active Directory.


Key Accountabilities

  • Team: collaborate within the Developer and Identity platforms team, specifically in the identity space ensuring that all best practises are deployed across all work and ensure they are aligned across the team.
  • Relationships: build and develop relationships across the business, within the digital Innovation and Engineering organisation and across supplier and software vendors working with bp to bring best in class knowledge across all stakeholders.
  • Technology: constantly looking to work with and bring in new technology, develop new ways of working which are bleeding edge, ensuring best in class efficiency.
  • Safety and Compliance: consistently adhering to bp standards and compliance requirements to ensure all bp application are protected to the highest level.
    Encourage innovation and delivery of initiatives and technologies that will optimise operational efficiency and effectiveness
  • Champion the training and communication for best practices and standards
Desirable Education
  • Bachelor’s Degree or equivalent
  • Relevant Application specific accreditations e.g. AWS/Azure/SAP/Salesforce/etc
  • Either of CISSP, CISM, CISA
Desirable Experience & Capability
Years of experience: 8 to 12 years, with a minimum of 5 to 7 years of relevant experience operating within entitlement-based access management.

Required Criteria / Skills
  • Experience in delivering at least one of; RBAC/PBAC/ABAC concepts across multiple applications.
  • Good working knowledge of Agile and Waterfall delivery methodologies having worked to deliver across both methods.
  • Competent in working across complex Identify & Access Management process and designs.
  • Deep entitlement-based security knowledge of any applications.
  • Knowledge of Identity Governance and Assurance solutions e.g. SAP GRC, SNOW GRC, Saviynt, Sailpoint etc
  • Understanding of working with Compliance and Audit controls to including SOX.
  • Experience in medium/large-scale project implementation cycles
  • Team player who is willing to speak up and share what they have learnt.
  • Excellent verbal and written communication skills.
  • Positive interpersonal skills, including the ability to establish and maintain good working relationships with others.
  • Strong in documentation, process analysis and design, requirement gathering and impact analysis
  • Experience in medium/large-scale project implementation cycles
  • Team player who is willing to speak up and share what they have learnt.
Preferred Criteria / Skills
  • Appreciation of IAM processes including application access governance, attestation, compliance and audit controls to including SOX across SAP, cloud technologies (AWS/Azure)
  • Experience in providing operational application support
  • Performance Management
Key Behaviours:
  • Empathetic: Cares about our people, our community and our planet
  • Curious: Seeks to explore and excel
  • Creative: Imagines the extraordinary
  • Inclusive: Brings out the best in each other
#bpInformationSecurity

Apply Search all jobs at bp