Company: BP
Skills: IT - Networking & Telecom, Security
Education: High School/Secondary
Employment Type: Full Time Contractor
Location: Sunbury, United Kingdom
No location/work authorization restrictions found.


Responsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required.Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.
  • Monitor security systems, including Firewalls, Windows AD event logs, syslog, anti-virus, file integrity, and vulnerability scanners for security events.
  • Evaluate and investigate detected security events to see if they represent significant security incidents and require some level of response.
  • Suggest and work with the respective security team members to develop and refine additional monitoring content, processes and procedures.
  • Develop and maintain knowledge of the functionality and technology of existing IT systems as well as:
    • ICS technologies
    • General view of the current state of security threats across the ICS environments as well as within a large multi-national corporation.
Provide 24x7 Operational support; on a rotating shift schedule and work one weekend in a quarter.Responsible for supporting information security and risk activities for the specialism, using sound technical capabilities to review and adjust information security processes, supporting the delivery of security solutions, recommending improvements to security strategies and managing external service providers, as required.Specialisms: Information Security Engineering; Information Security and Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.
  • Monitor security systems, including Firewalls, Windows AD event logs, syslog, anti-virus, file integrity, and vulnerability scanners for security events.
  • Evaluate and investigate detected security events to see if they represent significant security incidents and require some level of response.
  • Suggest and work with the respective security team members to develop and refine additional monitoring content, processes and procedures.
  • Develop and maintain knowledge of the functionality and technology of existing IT systems as well as:
    • ICS technologies
    • General view of the current state of security threats across the ICS environments as well as within a large multi-national corporation.
Provide 24x7 Operational support; on a rotating shift schedule and work one weekend in a quarter.

Duties:


• Provides sound technical expertise in support of information security and risk activities specific to the specialism to achieve objectives e.g. supporting the development and implementation of the information security governance and compliance process across BP Group; reporting on the effectiveness of security procedures and safeguards and recommending the best approach for segments/functions; delivering security solutions to projects across the design, build and execution phases etc.
• Supports the implementation and application of relevant operating processes and procedures, and ensures all activities adhere to the relevant standards.
• Liaises with various teams and senior stakeholders across BP to advise on information security and risk, and manages third party service providers that are helping to deliver related projects as required.
• Seeks opportunities for continuous improvement within the specialism in response to internal and external developments. working with team members to identify continuous improvement plans.
• Complies with BP's Code of Conduct and models BP's Values & Behaviours.

Skills:

• Sets the strategic direction for the specialism, ensuring that strategy is aligned with the business goals and current initiatives, shapes operational performance metrics, and raises senior management's appreciation of both the current and emerging security risks and countermeasures.
• Leads information security and risk activities, processes and solutions to ensure a consistent and accurate approach, reviewing, resolving and communicating the highest-risk, most business-critical information security issues.
• Identifies and develops strategic links with other functions and geographies to optimize information security and risk activities across the organization and provide expert technical advice and guidance, discussing, evaluating and agreeing solutions to current and emerging risks raised by business leaders.
• Stays abreast of internal and external developments to identify and implement best practice methodologies and emerging technologies, promoting knowledge sharing, driving modernization and leading continuous improvement efforts for the specialism.• Provides mentorship and expert advice to colleagues, driving the technical capabilities of the team through implementation of effective training programmes.
• Complies with BP's Code of Conduct and demonstrates strong leadership through BP's Leadership Expectations and Values & Behaviours.