Information Security Engineering Lead

Job Description

Job Profile SummaryGrade GResponsible for delivering information security and risk activities for the specialism, using advanced technical capabilities to lead changes to security processes and procedures, review complex security issues,lead security solutions from identification to implementation, ensure adherence to policies, standards and best practices and provide technical expertise to internal and external stakeholders. Specialisms: Information Security Engineering; Information Securityand Risk Management; Operational Security Management; Governance, Risk and Compliance; Forensics and Incident Response Management; Application Information Security.Job AdvertWe are looking for an experienced Lead professional to join the multi-disciplined Digital Security Developer Security Enablement Services squad. The ideal candidate will have a strong background leading security teams and owning anddeveloping services an excellent knowledge of software vulnerability management. As part of the squad, you will use your knowledge, experience and communication skills to deliver services to the BP developer community and help to set and communicate best practices.If you would like to have a pivotal role in designing and implementing these strategic services and their success, then we want to hear from you.Duties:

• As the Information Security Engineering Lead, you will focus on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption and malicious acts.
• Your primary motivation is to support the delivery of secure engineering solutions that satisfy pre-defined requirements of preventing misuse and malicious behaviour.
• You will ensure adherence to policies, standards and best practices and provide technical expertise to internal and external customers. Using advanced technical capabilities to lead changes to security processes and procedures, you will review complex securityissues and lead security solutions from identification, design and implementation. An appetite for problems - especially those big, intractable, complicated problems whose solutions make a permanent difference in security will be key.
• The successful candidate leads and develops the technology & processes for enabling and operating the practice of identifying, classifying, prioritising, remediating, and mitigating vulnerabilities across bp
• You will work within an agile delivery squad interacting directly with our customers, development teams, business product owners and 3rd party vendors.
• In depth knowledge and operational support of Vulnerability management.
• Service ownership

Requirements:

• Experience as a Service Owner, building roadmaps for products and services, gathering customer requirements, building and delivering solutions and capabilities of value.
• You will have advanced technical knowledge and experience in delivering security solutions. This includes providing technical advice and overseeing security processes for the specialism.
• Contribute to the development of organisational strategies that address vulnerability related issues.
• Experience of all aspects of Service Ownership including financial planning, Stakeholder management, engagement, requirements gathering & prioritisation.
• Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions e.g. legal, technical support.
• Proven ability to develop and improve products strengthening Service offerings.
• Experience with penetration services and providing actionable intelligence to leverage findings to improve security across the organisation.
• Experience with working with customers and vendors to meet requirements, building features and deploying them to enable the business to be more secure.
• Actively monitor for, and seek, opportunities, new methods, trends, capabilities, and products to the advancement of the organisation.
• Evaluate and recommend new and emerging application security products and technologies.
• Drive adoption of new tools and techniques with an understanding of their value and impact.
• Understanding of the end-to-end Vulnerability Management Lifecycle
• Strong background in the identification, evaluation and assessment of security threats and risks that apply to digital assets and providing recommendations on appropriate, proportionate, and prioritised mitigations.
• Experience managing multiple and diverse teams with differing workloads and priorities.
• Produce reports and metrics associated with the service or product.

#bpinformationsecurityEntityInnovation & EngineeringJob Family GroupIT&S GroupRelocation availableNoTravel requiredNegligible travelTime TypeFull timeCountryUnited KingdomAbout BPINNOVATION & ENGINEERINGJoin us in creating, growing, and delivering innovation at pace, enabling us to thrive while transitioning to a net zero world. All without compromising our operational risk management.Working with us, you can do this by: deploying our integrated capability and standards in service of our net zero and safety ambitions driving our digital transformation and pioneering new business models collaborating to deliver competitive customer-focused energy solutions originating, scaling and commercialising innovative ideas, and creating ground-breaking new businesses from them protecting us by assuring management of our greatest physical and digital risksBecause together we are: Originators, builders, guardians and disruptors Engineers, technologists, scientists and entrepreneurs Empathetic, curious, creative and inclusive