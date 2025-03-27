This role is eligible for relocation within country

Technology



IT&S Group



About Bp

Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner.

You will work with This role will work within Digital Security team and is expected to work in close collaboration with geographically diverse stakeholders including Technical Product Managers and Owners and to collaborate with wider teams within Technology and assist them with providing security advice and performing security risk assessments on different SAP and non-SAP products. Let me tell you about the role As anInformation Security Specialist, you will be involved in providing security advice, performing assessments, guiding end users, and documenting procedures. You will be responsible for leading and performing SAP Risk management activity to identify, assess and mitigate risk by closely collaborating with different business and technical stakeholders. What you will deliver Provide security advice and guidance to SAP product teams and business units. Perform regular audit and compliance checks to ensure adherence to security policies and standards. Document and update security procedures and best practices. Collaborate with other SAP teams and stakeholders to ensure alignment and integration of security solutions. Lead SAP risk management activities to identify, assess, and mitigate risks within SAP systems. Perform a fit-gap analysis of the controls library and update them as appropriate. Facilitate the ownership of risks and remediation activities in line with Group policies. Provide reporting and insights to senior management. Troubleshoot and resolve security issues and incidents. Develop and implement cybersecurity policies, standards, and best practices tailored to the organization's requirements. Oversee and implement Security Information and Event Management (SIEM) systems to detect threats across SAP environments. Implement SAP GRC solutions to manage risk, compliance, and access control across SAP systems. Provide guidance on implementation of S4HANA critical roles, SoD Risks, and access controls. Conduct cyber risk assessments of various SAP systems. Ensure compliance with the Manage IT Security policy by conducting regular digital security-led and self-assessment processes, testing, and scans. Drive cyber security behaviours, identifying areas for improvement, and reinforcing necessary actions. Present security design to relevant stakeholders for approval and ensure alignment with organization policies. Manage third party and vendor risk. What you will need to be successful (experience and qualifications) Deep knowledge of SAP security principles, tools, and approaches. Proficiency with SAP GRC, S/4 HANA, FIORI, BTP and Cloud platform. Experience in managing teams and stakeholder management. Hands-on experience with SAP GRC Access Control and Process Control. Expertise in SAP security, HANA DB, and ERP risk management. Strong understanding of S/4 HANA to design appropriate security and compliance controls. Well-versed with SOX, GDPR, DPDP data regulation, and NIST framework. Outstanding problem-solving, analytical, and communication skills. Essential Skills Bachelor’s degree level education At least 10 years of experience in SAP security setup and management Skills that set you apart SAP or Cyber Security-related certification would be an added advantage. Exposure to large-scale SAP ERP migrations and automation-driven enhancements. Experience working in highly regulated industries such as energy, finance, or manufacturing. Desirable Behaviours: Build and develop relationships across the business, within the digital Innovation and Engineering organization, and across supplier and software vendors - working to bring best in class knowledge across all stakeholders. Consistently adhering to bp standards and compliance requirements to ensure all bp data and IT applications are protected to the highest level. Empathetic: Cares about our people, our community, and our planet. Curious: Seeks to explore and excel. Creative: Imagines the extraordinary. Inclusive: Brings out the best in each other.



This role is eligible for relocation within country



This position is a hybrid of office/remote working



