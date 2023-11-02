Job summary

Entity:

Innovation & Engineering



Job Family Group:

IT&S Group



Job Summary:

The Business Partner Security (BPS) team sits within the Cyber Behaviours and Risk portfolio in Digital Security, which is part of the Innovation and Engineering entity in bp.We are looking for a Business Partner Security Specialist to join our team with a focus on supplier information security and third party risk management. The BPS team provides supplier cyber risk assessments and contract mediation support to procurement for the information security requirements in the contracting process. The team also provides training and awareness, and governance for business partner security.



Job Description:

Job profile summary



As part of this Business Partner Security focussed role:

You will lead and supervise the end-to-end supplier security assessment process

You will take part in supplier contract negotiations, embedding information security requirements in our agreements

You will deliver action plans to suppliers to drive remediation of existing vulnerabilities as part of monitoring and response capability

You will supervise remediation actions from assurance reviews to identify and remediate risks and confirm gaps are closed to prevent exposure to cyber threats

Put forward recommendations to the continuous improvement of supplier assurance procedures, guidelines, framework to help perform supplier security assurance in a consistent and quality manner.

You will establish relationships and lead partner engagements across the various bp businesses.

We expect the individual to be an excellent teammate and have good experience in handling supplier assessment processes, working with procurement and legal through contract negotiations, using various GRC tools, and collaborating with partners.

Key responsibilities

Relationships: You will remain aware of evolving cyber security risks and trends by forming relationships with team members both inside and outside of BP, and through external research. You will assist the continuous development and awareness of supplier assurance processes by leading partner training or awareness campaigns and proactively improving the quality standards and efficiency of delivery processes. The ability to drive and inspire change in a positive, impactful way within varied environments will be a key skill required for this role.

Governance: You will bring technical expertise in support of supplier assurance assessments and supervise the delivery of a series of assessment activities. You will be involved in contracting process with procurement and legal to ensure the right level of cyber clauses and assurance is in place to support the contracting process. Facilitating the delivery of a programme of activities as agreed with leadership will be one of your main tasks. You will provide oversight in the context of supplier cyber security activities, identifying areas of risk and making appropriate recommendations.

Technology: You have a passion for understanding and learning. You will bring good hands-on skills in key technologies, and an ability to rapidly assess and identify the potential of new technologies with a commercial mentality. You bring a keen curiosity about new technologies and a desire to help craft our digital vision

Education

Ideally, you will have information security or risk industry accreditation (e.g., CISSP, CISM, CRIC) or membership of a professional body (e.g., IISP).

Experience and Job Requirements

Proficiency in all areas related to supplier information security and third party cyber risk (assessments, contractual clauses, vulnerability monitoring and governance)

Experience of supplier risk assessment across multiple supplier types and services.

Experience with third party vulnerability monitoring tools.

You will bring hands on experience and knowledge of supplier risk and assurance.

You will be involved in supplier contract reviews and redlining activity in relation to cyber security clauses, engaging with legal and procurement where their input is required.

You are an effective teammate, looking beyond your own area/organizational boundaries to consider the bigger picture and/or perspective of others, while understanding cultural differences.

Superb communication and presentation skills.

Ability to influence across a variety of partners and resolve disagreements

Well organized, you balance proactive and reactive approaches and multiple priorities to complete tasks on time.

You apply judgment and common sense – you use insight and good judgment to advise actions and respond to situations as they arise.

You follow bp's Code of Conduct and demonstrate strong leadership through bp's Leadership Expectations and Values & Behaviours.



Travel Requirement

Negligible travel should be expected with this role



Relocation Assistance:

This role is not eligible for relocation



Remote Type:

This position is a hybrid of office/remote working



Skills:

Automation system digital security, Conformance review, Consulting, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism



Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with disabilities may request a reasonable accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an accommodation related to the recruitment process, please contact us to request accommodations.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.