Date: 2024-03-14

Job summary

Entity:

Innovation & Engineering



Job Family Group:

IT&S Group



Job Description:

Are you an information security professional who has successfully implemented and operated information security management systems in complex business and compliance environments?

In this role you will lead the delivery of the information security management system and compliance programme, with the following responsibilities:

•Lead the implementation of a new information security management system and supporting information security practices where required.

•Delivery of PCI-DSS compliance, ISO27001 certification and compliance with relevant government and industry standards.

•Define, assess, monitor, and report on IT security and compliance risk.

•Provide oversight, track performance and report on status of remediation programmes.

•Manage internal and external auditors throughout the management scoping, testing, and reporting phases.

•Respond to critical observations identified by auditors, assess and report on the impact to key stakeholders.

•Facilitate the management of risks and remediation in line with enterprise policies.

•Provide reporting and insights to senior stakeholders and relevant boards.

Capabilities / Required experience:

•Delivery of PCI-DSS compliance, ISO27001

•In-depth knowledge of information security management frameworks and experience delivering and maintaining information security certifications.

•Experience designing, implementing, and testing IT controls in accordance with industry standards.

•Strong understanding of enterprise and operational risk management, risk governance and regulatory compliance.

Leadership skills

•Excellent project management skills, with the ability to manage multiple projects simultaneously and meet demanding deadlines

•Excellent communication and interpersonal skills, with the ability to work collaboratively with stakeholders at all levels of the organisation

•Strong experience engaging with Auditors and standing ground on management decisions

•Ability to use technology, data, and insights to enable decision making

Desirable qualifications and experience

•ISO27001 lead implementor or PCI Qualified Security Assessor (QSA)

Why Join our team?

At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others.

We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.

There are many aspects of our employees’ lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and other benefits.

Reinvent your career as you help our business meet the challenges of the future. Thinking about applying? Learn more about our amazing discretionary UK reward and benefits to help you get the most out of work and life.

Apply now!



Travel Requirement

Up to 10% travel should be expected with this role



Relocation Assistance:

This role is not eligible for relocation



Remote Type:

This position is a hybrid of office/remote working



Skills:

Automation system digital security, Conformance review, Consulting, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism



Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with disabilities may request a reasonable accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an accommodation related to the recruitment process, please contact us to request accommodations.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.