Job Specifications
Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!
The Cyber Security Incident Response Team (CSIRT), part of Counter Threat & Engineering (CT&E), responds to digital security threats and incidents globally from bp hubs in Houston, Sunbury, Kuala Lumpur, Pune, and Singapore. The Security Operations Center (SOC) raises incidents to CSIRT, which conducts long-term investigations using digital forensics, advanced techniques, and collaborating across bp. Team members must understand bp’s business segments and address a broad range of security-related questions. You will help ensure enterprise security, enabling safe and secure business operations as part of this global team.
Key Accountabilities
Support the bp SOC as an escalation point for security events and incidents.
Conduct digital forensic investigations on high-priority incidents to include functions such as host (disk and memory) forensics, network forensics and log analysis.
Work across Digital Security and the bp business functions to partner on incidents and to ensure all appropriate actions are being actioned and communicated
Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment.
Ensure data accuracy within the case management system and others.
When not actively responding to incidents, other key responsibilities within the role include development of documentation and processes such as playbooks, refining your skills through training opportunities and identifying and enhancing the capabilities of the team by developing opportunities for automation (i.e., custom scripts and tool integration)
Essential Education
Bachelor's degree (e.g., Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications.
Essential Experience And Job Requirements
Experience with attacker tactics, techniques and procedures (TTP’s)
Knowledge of both Windows and Linux operating systems to conduct host-based forensics and analysis
Knowledge of cloud platforms such as AWS and Azure
Experience with many different types of log sources such as firewall, web and database to identify anomalous activity
Understand network communications and protocols
Knowledge of SIEM, EDR and other core cyber toolsets
Strong problem-solving skills as applied to technical solutions
Sound technical knowledge of security as applied to IT/OT networks, systems, and applications
Ability to communicate effectively and document investigative findings in a clear and concise manner
Leadership and EQ
You embrace a culture of change and agility, evolving continuously, adapting to our changing world.
You are an effective teammate, looking beyond your own area/organizational boundaries to consider the bigger picture and/or perspective of others, while understanding cultural differences
You continually enhance your self-awareness and seek input from others on your impact and effectiveness
Well organized, you balance proactive and reactive approaches and multiple priorities to complete tasks on time
You apply judgment and common sense – you use insight and good judgment to inform actions and respond to situations as they arise
You align with BP's Code of Conduct and demonstrate strong leadership through BP's Leadership Expectations and Values & Behaviours
Desirable criteria
COMPTIA Security+ / CYSA+ CASP+
SANS Certification GSOC; GCIH; GCFA; GCFE; GCFR
CISSP Certification and accreditation
Certified Ethical Hacker - CEH
Cisco Certifications (CCNA or similar)
Similar/ higher certifications
Additional Information
bp has embarked on an ambitious plan to modernize and transform as an integrated energy company, using digital technologies to drive efficiency, effectiveness, and new business models. The CSIRT is part of our wider CT&E team that is responsible for protecting bp against cyber threats. This post will be in Sunbury. This role requires 60% of the work week in our local bp offices while up to 40% can be remote. This role also requires the successful candidate be on an on-call Rota several times throughout the year. At bp, we support our people to learn and grow in a diverse and challenging environment.
We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the
About the Company
We believe the world wants and needs a better and more balanced energy system that delivers secure, affordable and lower-carbon energy.
We're playing our part by investing in today's energy system, which is mainly oil and gas – and, not or – in our transition and the energy transition.
While today we’re mostly in oil and gas, we increased the proportion of our global annual investment that went into our lower carbon & other transition businesses from around 3% in 2019 to around 23% in 2023.
Increasing investment in these ...
Know more