Job Description

Entity: Technology
Job Family Group: IT&S Group
:
About bp
Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!
Role
To enable the world to reach net zero, bp are looking for the brightest digital specialists to drive innovation as it transitions from an International Oil Company (IOC) to an International Energy Company (IEC).
Are you passionate about protecting what matters most? We're seeking someone who is passionate about identifying and implementing security solutions that make bp a cyber resilient organisation! Our Business Information Security team partners with the business to help them understand cyber risk and be accountable for cyber security.
We're looking for curious minds who are driven by opportunities to build value and deliver secure products and services to advance bp's strategy.
Role Synopsis:
In the digital era, where data breaches and cyber threats are not just possibilities but realities, the role of an Information Security Engineering Specialist has never been more critical. Working closely with bp's business areas, you will support the protection of IT systems and business data that are important to bp's operations - while upholding compliance and Zero Trust principles.
You will conduct security assessments, respond to security queries, and provide security expertise. Your expertise will help ensure that business teams can operate with confidence, knowing their systems and processes are secure.
Ready to make a real impact in energy security? Join us in safeguarding the people, processes and systems that power our transition to net zero!
Key Accountabilities:
In this role you will deliver security activities to support bp's business. This role focuses on hands-on security assessment and advisory activities with the following key accountabilities:
Microsoft 365 Security
Architect, configure and maintain security controls across the Microsoft 365 suite (Exchange Online, SharePoint, OneDrive, Teams, Entra ID).
Implement and optimize Microsoft Purview (DLP, Information Protection, eDiscovery, Insider Risk) and Defender suite (MDE, MDO, MDI, MDA).
Develop and enforce Conditional Access, MFA and identity governance policies.
Generative AI Security
Define and implement security guardrails for Microsoft Copilot, Azure OpenAI and other GenAI platforms.
Establish secure prompt-handling guidelines, data access controls and AI usage policies.
Conduct risk assessments for AI integrations and ensure regulatory compliance (e.g., GDPR, ISO 27001).
Modern Device Management Security
Strong knowledge and practical exposure to security baselines and compliance policies of Intune (Windows, macOS, iOS, Android) and Workspace One.
Deploy device encryption, endpoint protection and secure application delivery.
Monitor, investigate and remediate endpoint security threats.
Threat Detection & Response
Monitor and respond to incidents using Microsoft Sentinel and other SIEM/SOAR tools.
Conduct proactive threat hunting and vulnerability management (Qualys, Wiz).
Lead security incident response activities for M365, AI services and endpoints.
Governance & Compliance
Maintain security posture reviews and audit readiness for M365, AI tools and MDM platforms.
Align controls with NIST CSF, CIS Benchmarks and Zero Trust frameworks.
Collaborate with compliance teams to meet legal and regulatory obligations.
Assess and communicate cybersecurity risks for their potential impacts and mitigation strategies to our customers.
Assist with the development and promoting good cyber behaviors in day-to-day operations to build strong cyber security culture across the organization.
Automation & Continuous Improvement
Develop security automation using PowerShell, Python, bash, Graph API, or similar tools.
Track emerging M365, AI and MDM features and proactively assess security impact.
Education:
Bachelor's degree or equivalent experience in Information or Cyber Security, Computer Science, Engineering.
Working towards professional certifications such as Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or CompTIA Security+.
Knowledge of security frameworks such as ISO 27001/2, NIST and CIS framework.
Desirable Experience and Capability:
5+ years in Information Security engineering, with strong hands-on expertise in:
Microsoft 365 security administration (Entra ID, Defender, Purview).
Modern Device Management (Intune, Jamf, Windows Autopilot).
Generative AI security and governance.

• Deep knowledge of identity protection, Zero Trust and cloud security models.
• Proficiency in security scripting/automation (PowerShell, Python, bash).
• Incident response, forensics and vulnerability remediation experience.
• Good understanding of regulatory compliance (GDPR, ISO 27001, NIST, CIS).
• Ability to explain security concepts to a variety of audiences.
• Solid grasp of cyber risk assessment methodologies and the ability to translate technical findings into business impact assessments.
• Ability to use technology, data, and insights to enable decision making.

Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
Travel Requirement Up to 10% travel should be expected with this role
Relocation Assistance: This role is eligible for relocation within country
Remote Type: This position is a hybrid of office/remote working
Skills: Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please .
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

Skills Required