
Operational Security Management Lead


  • Location United Kingdom - South East - Sunbury
  • Travel required No
  • Job category IT&S Group
  • Relocation available No
  • Job type Professionals
  • Job code 139455BR
  • Experience level Executive

Job summary

Responsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues, lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders. Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.

The Role: Digital Security SOC Lead Specialist (L3) - Team Lead
Reporting to the Head of Incident Response, the SOC Lead Specialist - Team Lead is responsible for the management and development of a designated team of SOC Analysts.

  • Will support the bp SOC as an advanced escalation point for Level I and Level II analysts
  • Will support/manage escalations from the analyst and senior analysts in investigations
  • Will lead technical investigations for security incidents within the SOC prior to escalation to CERT
  • Will ensure data accuracy in all case management, whether in SIEM or Case Management system
  • Will oversee process improvements/automation and drive implementation of new capabilities in coordination with other CT&I teams
  • Co-ordinate and develop, train and coach SOC colleagues in all technical and investigative methodologies and practices

Incident and Case Creation and Tracking

  • Ensure that all identified events are promptly recorded, validated, thoroughly investigated and accurately documented
  • Establish baseline and initial timeline for incidents

Security Monitoring - Detection & Response

  • Serve as a lead analyst and point of escalation for Level I and Level II analysts
  • Coordinate immediate triage activities as required
  • Provide oversight and guidance to junior analysts
  • Encourage and support automation ideas
  • Ensure appropriate level of analysis and documentation is completed within the SOC for escalations to CERT

Community Outreach

  • As required, act as an ambassador for CT&I and the SOC, providing education and learning through participation in context-based tours, presentations and events

Intelligence Sharing

  • Remain current on cyber security trends and intelligence (both open-source and commercial) and encourage intelligence-led thinking across the SOC team
  • Support the SOC Lead Intelligence Specialist in the further development of intelligence-led methodologies, practice and threat hunting

Documentation and Procedures

  • Ensure Data Accuracy
  • Oversee documentation owned by the SOC team including but not limited to Standard Operating Procedures (SOPs) and Use Cases
  • Devise and document new procedures
  • Improve and develop new content based on observed and measured SOC activity
  • Work with engineers in the Defense Systems team to implement new or enhanced capabilities, ensuring SOC analysts are briefed and trained as required
  • Working with DAI/CERT/CI, support the development of workflows for Resilient Use Cases

Education:
Bachelor’s degree in Computer Science, Business Administration or equivalent educational or professional experience and/or qualifications.

CompTIA Security+ certification
Advanced cyber qualifications

Experience:
Ideally 5 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, log analysis, intrusion detection

Successfully operated as a Level 2 SOC analyst for a minimum of two years

Hands-on experience with SIEM technologies, IDS/IPS network and host-based firewall technologies and anti-virus solutions

Excellent written and oral communication skills

About Us:
BP has embarked on an ambitious plan to modernize and transform as an integrated energy company, using digital technologies to drive efficiency, effectiveness, and new business models. You will be part of the Security Operations Center and this position will be located in the UK. Our SOC team is part of our wider Counter Threat and Intelligence team that is responsible for protecting bp against emerging cyber threats. This post will be located at the UK facility in Sunbury. This role requires 60% of the work week in our local bp offices while up to 40% can be remote. At bp, we support our people to learn and grow in a diverse and challenging environment.
