1. Home
  2. Careers
  3. Jobs at bp
  4. Information Security Specialist

Information Security Specialist

Information Security Specialist

  • Location India - Maharashtra - Pune
  • Travel required No
  • Job category IT&S Group
  • Relocation available Yes - Domestic (In country) only
  • Job type Professionals
  • Job code 137644BR
  • Experience level Intermediate
Apply Search all jobs at bp

Job summary

Grade H Responsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

Responsibilities:

  • Reviewing complex bp business processes and requirements with a security assurance mindset
  • Influence and manage the remediation of security Findings that have been identified through penetration testing and security assessments of applications/infrastructure and supplier assurance engagements.
  • Expected to adhere to defined process workflows to support remediation, tracking, and reporting.
  • Co-ordinate and manage internal teams/3rd parties to ensure that the identified findings are closed or if accepted then raised as a digital risk.
  • Ensure that recommendations are identified against findings and amend policy if required.
  • Having an innovative mindset and constantly looking to share your visions and ideas with the team
  • Exploring and supporting continuous improvement to ensure solutions bring value to bp
Key Accountabilities :
  • Reviewing vulnerability assessments, Running security scans across assets and assessing the outcome/recommendations
  • Working with Digital Security teams to identify vulnerabilities
  • Managing activities to remediate vulnerabilities, scoping the work
  • Working with vendors and service owners to drive forward remediation
  • Using ADO (Azure DevOps) to ensure work is visible and reported
  • Evaluating remediation work and following up on risk management for any residual risk
Desirable Education
  • Bachelor’s degree in Computer Science, Cyber Security or related field
  • Security certifications such as CISSP, Security+, CRISC and direct experience acceptable in lieu of degree
  • Desirable Experience and Capability
  • Energy Sector experience
  • Experience and understanding of security tools: Cycognito, Qualys, Expanse, Synack
  • Understanding of NIST Framework and ISO27001
  • Understand Agile and have an agile mindset. Have used Agile tools such as ADO
  • Understanding of Vulnerability Management methods
  • Understanding of Governance Risk and Compliance frameworks and application
  • Experience with bp’s digital security organization and processes is a plus

Grade H Responsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

Apply Search all jobs at bp