Information Security LeadUnited States - Texas - Houston
Job profile summary:
BP has embarked on an ambitious plan, to drive efficiency and new business models, by using digital technologies. As the Information Security Officer Lead, you will be responsible for delivering information security and cyber risk activities, by using advanced technical capabilities.
You will lead changes to security processes and procedures, review complex issues, as well as identify and implement security solutions. Furthermore, you will ensure adherence to policies, standards and best practices, and provide technical expertise to internal and external stakeholders.
At IT&S, all the roles are within Chapters. While your role will continue to remain within the Chapter, your initial activities described below may change over time.
Providing guidance and support to front-line business personnel during a cyber incident is a core accountability of this Information Security Officer Lead role, including:
- Participating as cyber representative on incident management teams and serving as the primary interface into the SOC/CERT teams;
- Assessing business impacts, whether safety, reputational, regulatory, or commercial in nature;
- Driving local mitigation approaches, where appropriate;
- Providing technical advice on any breach or other regulatory notification, in support of the BP legal team;
- Supporting the return to normal operations in a cyber secure manner; and
- Driving adoption of cyber improvements, as a result of lessons learnt from previous incident responses.
- Assess and manage the role of suppliers in the incident response, using commercial experience to effectively assess what information should be shared, and what should be kept confidential
- Mitigating both the immediate impact and managing the risk of recurrence Liaising with other supporting functions such as Legal, Communications, Business Integrity and Procurement
- Assess and manage the role of suppliers in the incident response, using commercial experience to effectively assess what information should be shared and what information should be kept confidential
Team: As a high-performing, technical lead, you will effectively manage people and support those working in our cross-functional teams. You will help teams grow and deliver the most agile and commercially cost-effective solutions. You will delegate, motivate and be hands-on, alongside your team.
Relationships: You will act as a point of contact for all areas of information security within your accountability. You will develop and maintain a series of internal and external stakeholder relationships, delivering advanced technical knowledge to support project delivery. You will collaborate with others to identify challenges within our Cyber landscape -and ensure security solutions successfully protect BP against cyber risks. You will influence and inspire change in a positive and impactful way.
Security: You will provide advanced technical expertise, specific to Information Security (BIS), to achieve objectives. You will be the go-to person for teams dealing with information security in their segment/functions. You will drive the implementation and application of relevant operating processes and procedures, and ensure all activities adhere to the relevant standards.
Technology: You will build awareness of internal and external technology developments, managing the delivery of process and system improvements. You will identify and implementing continuous improvement plans for Information Security (BIS) and ensure best practice is shared across the team.
Safety: The safety of our people and customers is our highest priority. You will champion a culture of operational safety and ensure our architectures, designs and processes enhance and improve our digital security.
- You’ll have a tertiary level education and/or equivalent relevant work experience.
- Business Risk Management (BURM)
- Consultancy (CNSL)
- Information Assurance (INAS)
- Information Management (IRMG)
- Information security (SCTY)
- Relationship Management (RLMT)
- You have significant experience in either an internal or external information security and risk role, or similar.
- You have advanced technical knowledge and experience in delivering security solutions, providing technical advice, and overseeing security processes for the specialism.
- You have impressive stakeholder management experience.
Leadership and EQ:
- Within your team(s), you notice morale levels and work to positively influence this.
- You always empower people – encouraging positive team morale and ensuring that every team member with expertise has the power to make decisions, at the lowest possible level.
- You always get the basics right, from quality development conversations to recognition and ongoing performance feedback. You can develop, coach, mentor and inspire others.
- You comply with BP's Code of Conduct and ensure your team does too. You also demonstrate strong leadership of BP's Leadership Expectations and Values & Behaviours.
- You create an environment where people listen and can speak openly about the good, the bad, and the ugly, so that everyone can understand and learn.
- You promote a culture of change and agility, evolve continuously, adapting to our changing world.
- You work across organizational boundaries and build high quality, trust-based relationships with leaders and employees within IT&S & the wider BP, applying cultural sensitivity.
- You are self-aware and able to recognize and manage your impact on others.
- You apply judgment and common sense at scale.
- Cultural fluency – you operate across cultural boundaries with sensitivity
We are a global energy business involved in every aspect of the energy system. We have 75,000 employees in 80 countries, working towards delivering light, heat and mobility to millions of people, every day. We are one of the very few companies equipped to solve some of the big complex challenges that matter for the future. We have a real contribution to make to the world's ambition of a low carbon future. Join us, and be part of what we can accomplish together.