Company: BP
Skills: IT - Analysis & Management
Education: Bachelors/3-5 yr Degree
Employment Type: Full Time Salaried Employee
Location: Sunbury-on-Thames, England, United Kingdom
No location/work authorization restrictions found.


BP has embarked on an ambitious plan to modernize and transform using digital technologies to drive efficiency, effectiveness and new business models. As the Operational IS Lead, you will be responsible for delivering information security and risk activities for Operational Security Management in the PCN space. Using advanced technical capabilities, you will lead changes to security processes and procedures, review complex security issues and oversee security solutions from identification to implementation.

You will see that we follow policies, standards and best practices and provide technical expertise to internal and external stakeholders. It's a chance to operate in a dynamic and delivery-focused environment, with the resources of one of the world's most forward-thinking IT departments and leading technology vendors at your fingertips.

Team: You will provide advanced technical expertise to support information security and risk activities specific to Process Control Network (PCN) sites across the BP Group. This could involve designing and developing security solutions to work across BP IT/PCN environments that are consistent with current policy; running investigations and incident response processes and providing a consistent response to cyber-based malicious activity; and acting as an interface with various teams dealing with information security in their segment/functions etc. You will drive the implementation and application of relevant operating processes and procedures, and ensure all activities follow relevant standards.

Relationships: You will be the main point of contact between the central PCN Security Enablement Team and Segment/site businesses and engineering communities. You will develop and maintain relationships with stakeholders, delivering advanced technical knowledge to support project delivery, collaboratively identify key challenges and ensure that security solutions protect BP against cyber risks. A senior professional, you will provide informal mentoring/training to junior members of the team. You will also work across the central PCN Security Enablement Team and other teams to align and optimize activities and provide backup as necessary for incidents and projects. You will provide training and consultation for sites who are implementing security controls.

Technology: You will build awareness of internal and external technology developments, managing the delivery of process and system improvements, identifying and implementing continuous improvement plans for the specialism and ensuring best practice is shared across the team.

Safety and Compliance: The safety of our people and customers is our highest priority. We will champion a culture of operational safety and ensure our architectures, designs and processes enhance and improve our digital security.Essential Education
  • You will have a degree or technical certification (SANS, Cyber Security, CISSP).
  • Equivalent experience is also acceptable.
  • You will have professional certification, e.g. CompTIA Security, GCIA, GCFA, GCFE, GCIH, GICSP.

Essential Experience and Job Requirements
  • Good written and oral communication skills.
  • You'll have significant relevant experience in an information security and risk role or similar.
  • You will have sound stakeholder management experience.

Technical capability
  • You will understand automation system environments.
  • You will have a good track record of applying digital security controls and principles to automation systems.
  • You will have the ability to clearly explain technical risks and controls to a non-technical audience.

Leadership and EQ
  • You always empower people - encouraging positive team morale and ensuring that every team member with expertise has the power to make decisions, at the lowest possible level.
  • You always get the basics right, from quality development conversations to recognition and ongoing performance feedback. You can develop, coach, mentor and inspire others.
  • You comply with BP's Code of Conduct and ensure your team does too. You also demonstrate strong leadership of BP's Leadership Expectations and Values & Behaviours.
  • You create an environment where people listen and can speak openly about the good, the bad, and the ugly, so that everyone can understand and learn.
  • You embrace a culture of change and agility, evolving continuously, adapting to our changing world.
  • You are an effective team player, naturally looking beyond your own area/organizational boundaries to consider the bigger picture and/or perspective of others, and building trust-based relationships with leaders and employees across IT&S and BP.
  • You are self-aware and seek input from others on your impact and effectiveness.
  • You apply judgment and common sense at scale - you use insight and good judgment to deliver commercially sound, efficient and pragmatic decisions and solutions and to respond to situations as they arise.
  • Cultural fluency - you operate across cultural boundaries with sensitivity.

Manager Expectations
  • Provide ongoing feedback to your employee tree, both formally and informally, with the aim of supporting their performance and development within the Chapter.
  • Coach and mentor to help build domain experience amongst peers
  • Be responsible for Chapter member's personal development and the management of performance reviews.

Desirable Criteria
  • You have CISSP Certification.
  • You have vendor and order management and budgeting experience.

Flexible WorkingIn IT&S we are committed to providing flexible working arrangements. Agile or flexible working encompasses a wide range of working options, which help people to achieve their full potential. It is more than ad-hoc home working or part time working; it's about role modelling BP's IT technology to get a job done, in a way that works well for both the business and our employees.

So even if a job is advertised as full time, please reach out to the hiring manager or the recruiter if you would like flexible working arrangements to be considered.