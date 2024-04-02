Up to 25% travel should be expected with this role

Job summary

Entity:

Innovation & Engineering



Job Family Group:

IT&S Group



Job Description:

In a world where cyber threat continues to rise, and broader digital adoption creates more targets for cyberattacks within bp, defending against these threats is not optional. Failure to do so could result in major operational disruption, significant cost to the company (loss of revenue, fraud, or regulatory fines), loss of primary containment or loss of license to operate. Cyber is considered one of bp’s most significant risks!

This role is accountable for defining and implementing the Cyber Defense vision and strategy for bp. The incumbent must rapidly identify findings from all significant cyber incidents and use these to inform strategic decisions on technical solutions, controls, user behavior and response effectiveness. They must continually adapt and evolve our defensive capability, within an acceptable financial frame.

The VP of Cyber Defense will lead and develop the people, methods, and tools to identify, respond, and disrupt cyber-attacks against bp globally, 24x7. This will involve the collection and use of business and cyber intelligence that can be correlated with billions of cyber and contextual signals to reduce incident impact potential and prioritize containment actions.

This role is responsible for the management of several teams and may include Security Data Services (SDS), Cyber Intelligence (CI), Defense Analytics & Integration (DAI), Cyber Incident Management (CIM), Security Operations Center (SOC), and the Cyber Emergency Response Team (CERT).

The job requires regular handling of the most sensitive information for bp and close collaboration with the heads of Legal, Intelligence, Security & Crisis, People & Culture and Ethics & Compliance.

What you'll do

Strategy and Planning: Defining, setting, and propagating the Cyber Defense strategy for bp, acting as senior most authority on solutions for bp’s global SOC, cyber data analytics and integration, cyber intelligence, incident response, supplier security, insider threat and positive influence of cyber behaviors.

Lead cyber incident response and containment via bp’s SOC and CERT teams, applying knowledge of business and geopolitical context to effectively contain any compromise, direct forensic effort, and work with law enforcement and/or regulatory bodies, as necessary. Monitor bp's environment to detect and respond to cyber security threats using best in class processes, tools, and people capability. Regularly review and update processes to ensure that an appropriate cyber security monitoring and incident response capability exists, lead the management of incidents, and ensure that documented processes exist and are applied to include the reporting on monitored state and incident resolution to management.

Pioneer intelligence-led preventative and detective controls to drive sustainable controls across bp’s businesses to prevent compromise, detect anomalies and limit potential impact using cyber/business intelligence and cyber activity analysis. Deliver rapid change in line with the agreed strategic plan, secure project sponsorship and funding. Along with Architecture, develop a roadmap for the implementation of appropriate security technologies and processes across bp; identify the need for change to improve effectiveness, cost efficiency, address gaps or new threats; support the necessary changes with risk and reasons; establish initiatives and projects for the necessary change and provide leadership and coordination of these, working in concert with other relevant groups across bp.

Head of operational security management sub-discipline, providing bp’s deepest technical expertise of Operational Security Management, defining skills expectations and career paths for others. In conjunction with Information Security Head of Subject area, leads end-to-end talent strategy, including disubject area competency framework, learning pathways, capability gaps, resourcing strategy (internal vs external), internal talent development and re-training, performance management of the Cyber Defense functions and management of the hiring pipeline.

Serve as an ambassador for bp and elevate bp’s external profile in Cyber Defense, collaborating with key external partners: senior government officials in FBI, DHS, NSA, UK NCSC, and others. Orchestrate industry-wide response should the need arise, relying on a well-maintained network of peers across the industry.

Develop and maintain key relationships with collaborators to drive the cyber security agenda and enroll support from all areas across BP, including the bp Board, bpLT, Intelligence, Security & Crisis, Legal, Ethics & Compliance, Audit, and People & Culture.

Attract, grow, and retain best in class cyber security talent. Develop and lead an impactful distributed team of functional experts. Build and maintain diverse and highly motivated geographically dispersed teams.

What you'll bring

Must be regarded as subject leader in cyber security, evidenced by relationships and external demand for consultation. Pioneer of emergent cyber trends and technologies and advises executive team and senior business leaders on introduction of new Cyber Defense technologies and partnerships into bp.

Experience and ability to identify and deploy cost-effective, customized cyber solutions that meet immediate and future strategic needs across all areas of bp’s business.

Multi-disciplinary expertise in IT and OT security enabling effective preventative controls and response, including consideration of the impact on people, environment, and property.

Understanding of bp's global operations, including financial and regulatory impact on the business during incident response to prevent or contain any compromise. Able to balance technical and business risk (including legal and reputational in the wake of any cyber-attack), with the ability to bridge dialogue between technical and business partners.

Flexible leadership style – directive in crisis situations and able to create a psychologically safe space for team members to bring ideas forward, enabling people to grow into current and future roles and contribute to bp’s success overall. Able to influence or reassure other senior leaders during a cyber response. Effective collaboration across teams and disciples to drive multi-disciplinary activities and responses.

Decision-making skills in a VUCA (Volatility, Uncertainty, Complexity, Ambiguity) environment – Ability to handle urgent threats and make decisions that could impact bp operations and revenue locally, regionally, or globally. Ability to prioritize and triage complex sets of actions in response to crisis situations. Ability to evolve intelligence collection and use for immediate and future needs, and to parse potentially conflicting information to derive appropriate advice and action plans. Commercially aware, able to make tough calls at pace with imperfect information. Comfortable briefing to senior audiences, including the bpLT and Board, and able to judge when to consult and when to act without consultation to protect bp.

The VP of Cyber Defense has the authority to take any action necessary to reduce the impact potential of a significant cyber incident at any time. Defensive actions may include isolating parts of the business, including production facilities, to prevent further spread of a cyber-attack. These same actions are authorized to prevent the success of any significant attack.

Able to influence, reassure and instill confidence among other senior leaders during cyber responses by translating complex technical information into relatable risk or impact statements. Able to hold quality conversations with deep technical experts while supporting employees' day-to-day needs including career development, family life, and personal interests. Foster a sense of dedication to the mission of defending bp by understanding and influencing team dynamics at both individual and group levels.

Why Join our team?



At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others.



We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.



There are many aspects of our employees’ lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and others benefits.



Apply now!



Travel Requirement

Relocation Assistance:

This role is not eligible for relocation



Remote Type:

This position is a hybrid of office/remote working



Skills:

Automation system digital security, Conformance review, Consulting, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism



Legal Disclaimer:

