Let Me Tell You About The Role
As a Connectivity Information Security Engineering Specialist you will provide advanced technical expertise to support information security and risk activities specific to your specialism. This could involve designing and developing security solutions to work across BP Connectivity environments that are consistent with current policy; running investigations and incident response processes and providing a consistent response to cyber-based malicious activity; and communicate with various teams dealing with information security in their segment/functions etc. You will drive the implementation and application of relevant operating processes and procedures, and ensure all activities follow relevant standards. Represent Security Engineering and assist other teams in operating as well as producing products that are secure by design
What You Will Deliver
As an IS Engineering Specialist on our Security Engineering team (Vulnerability Identification and Awareness) you'll get to work with teams who are proactively searching for areas that may be subject to cyber attack, and protecting them. You will be securing bp as it innovates and scales. Protecting its most critical systems and applications In areas such as:
- Operate and maintain security defenses (such as ZScaler and firewall technologies) across cloud and on-premise environments
- Analyze scan results and provide actionable remediation guidance to engineering teams
- Assist in developing and maintaining vulnerability management metrics and dashboards
- Help track and report on key security metrics
- Participate in incident response activities related to vulnerability management Role Description
- Support security awareness initiatives and provide technical guidance to partners
- Implement and run network security measures, including firewalls, intrusion detection and prevention systems, VPNs, and access controls. Work with digital security to conduct periodic security assessments, vulnerability scanning, and
- penetration testing. Monitor network traffic for security breaches and take appropriate actions to mitigate risks.
- Monitor network performance and proactively identify areas for improvement. Conduct analysis of capacity and traffic patterns, and recommend optimizations to ensure efficient performance and availability. Implement quality of service (QoS) policies to prioritize critical traffic.
- Maintain accurate documentation, including security diagrams, configurations, and standard operating procedures. Ensure documentation is up to date and readily accessible to team members. Document changes, incidents, and resolutions.
- Design and implement network automation and orchestration solutions using tools like Ansible and Python. Automate simple daily tasks to reduce workload and chance of misconfiguration.
- Collaborate with network equipment vendors and service providers to evaluate new products.
- Share knowledge and expertise with junior team members. Provide guidance and mentorship in network technologies, standard methodologies, and industry trends. Conduct training sessions and workshops to improve team skills and knowledge.
- Stay on top of emerging networking technologies, industry trends, and standard methodologies. Continuously expand knowledge and skills through self-learning, attending conferences, and acquiring relevant certifications. Lead enterprise technology architecture, security frameworks, and platform engineering across enterprise landscapes.
What you will need to be successful (experience and qualifications)
- A Bachelor's degree or equivalent experience in computer science, information technology, or related field, or an equivalent amount of experience.
- The typical candidate will have five to ten years of demonstrable experience in a networking security role.
- A solid understanding of information and cyber security principles and standard methodologies.
- Working knowledge of tools (ZScaler and firewalls)
- Basic understanding of cloud security concepts in AWS and/or Azure
- Familiarity with common security frameworks (NIST, CIS, ISO27001) Experience with scripting languages (Python, PowerShell, or Bash)
- Understanding of networking fundamentals and common protocols Knowledge of common web application security concepts and OWASP Top 10
About Bp
bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people's lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
