Company: BP
Skills: IT - Analysis & Management, IT - Networking & Telecom, Security
Education: High School/Secondary
Location: Sunbury-on-Thames, England, United Kingdom


The Security Data Service team mission is to empower our customers to understand and improve the security posture of BP; providing a consolidated, easy to use data platform for reporting and analytics.
Technical expertise in AppSec Tools and API Security with a background in Salesforce, Integration Platforms, to join a new squad to help build and operate this service and the underlying products.

About the job:

As the Engineering Lead, ensure alignment to policies, standards, best practices; provide technical expertise to stakeholders. Using advanced technical capabilities to lead changes, to review complex security issues and lead security solutions. Delivering information security risk activities for Information Security Engineering.
Your rapport with others will drive innovative initiatives, liaising with teams across BP, to advise on information security and risks. Along with influence to inspire change in a positive and impactful way.
You will champion a culture of operational safety and ensure our architectures, designs and processes enhance and improve our digital security.

About you:

Your technical skills will include:
  • Assessment of application security vulnerabilities across existing application landscape.
  • Manage reduction of vulnerabilities throughout SDLC.
  • Engage with development teams to articulate sophisticated application security risks.
  • Using application security tools for scanning applications for common application security risks in platforms like Salesforce, Mulesoft etc.
  • Plan and prioritise application security vulnerabilities and develop structured remediation plan
  • Carry out penetration tests on applications to highlight vulnerabilities in the code.
  • Engage with teams to educate developers on secure coding practices, common vulnerabilities in applications (OWASP Top 10)
  • Contribute to requirement gathering with product teams


And your experience will be:

  • In DevOps on Azure and AWS cloud environments.
  • Application security testing on business applications like Salesforce, SAP etc.
  • Extensive experience in DAST/SAST/IAST Tools like CheckMarx, BlackDuck, SonarQube
  • Agile and DevOps development methodology and concepts applied to data driven analytics projects. Including CI/CD Coding, security testing best practice and standards.
  • Extensive experience in working with OWASP Top 10 and other testing guides.
  • CWE, OWASP Top 10, ASVS, SAMM, BSIMM, SANS 25
  • Vulnerability Assessment
  • Web/Mobile Application Security
  • Risk Analysis, Threat modelling
  • Networks Security, Cloud security
  • Microservices, onolithic
  • Git, Docker, Kuernetes
  • Security Auditing, Penetration Testing
  • - SAST - Veracode, Checkmarx, Fortify, IAST - Contrast, Seeker


About your job:

  • Embracing a culture of change and agility, evolving continuously, adapting to our changing world.
  • A team player, naturally looking beyond your own area boundaries to consider the bigger picture; building trust-based relationships with cultural sensitivity.
  • You are self-aware and seek input from others on your impact and effectiveness.
  • You apply judgment and common sense at scale to deliver commercially sound, efficient and pragmatic decisions and solutions .
  • You comply with BP's Code of Conduct and demonstrate strong leadership of BP's Leadership Expectations and Values & Behaviours.


At bp, we provide the following environment & benefits:

  • A company culture where we respect our diverse teams and are proud of our achievements
  • Possibility to join social communities and networks
  • A healthy work-life balance
  • Chill-out and collaboration spaces in a modern office environment
  • Learning and development opportunities to craft your career path
  • Life & health insurance, medical care package
  • And many others benefits!
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Apply now!