Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Protect digital assets and enhance security through incident response and risk management.
- Company: Join BP PLC, a leader in energy and technology with a focus on innovation.
- Benefits: Enjoy flexible working, health insurance, and opportunities for personal growth.
- Other info: Diverse and inclusive culture with excellent career development opportunities.
- Why this job: Make a real impact in cybersecurity while developing your skills in a dynamic environment.
- Qualifications: Experience in information security and strong communication skills are essential.
The predicted salary is between 55000 - 65000 ÂŁ per year.
Our purpose is to bring together people, energy and markets to power and navigate a changing world. In a time of constant change and possibility we need new talent to pursue commercial opportunities, fuelled by world-class insight and expertise. We’re always striving for more innovative digital solutions, sustainable outcomes and closer collaboration across our company and beyond, and you could be part of that too.
About the Role:
As an Information Security Engineering Specialist at BP PLC, you will play a critical role in safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines.
Key Accountabilities:
- Vulnerability & Exposure Management
- Leading efforts to identify, prioritise, and track vulnerabilities across cloud and on‑prem environments
- Advising system owners, developers, and platform teams on remediation and configuration hardening and risk reduction
- Providing hands‑on support to reduce risk and improve security outcomes
- Security Advisory & Support
- Assisting technology teams in resolving exposure issues related to identity, network security, posture management, and secure configurations
- Acting as a security advocate, delivering clear written and verbal communication to technical and non‑technical stakeholders
- Creating and delivering training, awareness materials, and briefings to enhance security maturity
- Offering excellent customer service by supporting various business units through best‑practice guidance and responsive problem‑solving
- Incident Response & Assurance
- Leading and participating in incident investigations to identify root causes and implement effective solutions
- Providing expert consulting on secure design, implementation, and operations
- Contributing to the development and continuous improvement of information assurance frameworks and policies
- Platform Ownership
- Serving as a key contact for our vulnerability management platform supporting users in effective adoption and day‑to‑day usage
- Ensuring the platform is well‑configured, reliable, and used effectively across the organisation
- Championing new features and capabilities to continuously improve vulnerability visibility, prioritisation, and remediation outcomes.
Essential Experience and Job Requirements:
- Proven experience in information security, especially in vulnerability or exposure remediation
- Hands‑on experience with incident management, SIEM tools, and incident response platforms
- Experience working with vulnerability management or cloud-native security tools (e.g., Qualys, Wiz, Microsoft Defender for Cloud)
- Solid understanding of information assurance frameworks and compliance (ISO 27001, NIST, etc.)
- Knowledge of risk management principles, including assessment and mitigation
- Exceptional communication skills with the ability to translate complex topics into business‑friendly language
- Customer service experience—showing empathy, active listening, and a solutions‑focused approach when supporting partners
- Strong analytical and problem‑solving skills, especially during incident investigations
- Effective stakeholder management and relationship‑building abilities
- Cloud certifications (AWS, Azure) or security certifications (CISSP, CISM, GCIH, CCSP) are highly desirable
- A degree in Computer Science, IT, Cybersecurity, or equivalent practical experience
Why join us?
At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others. We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly. There are many aspects of our employees’ lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and others benefits. Reinvent your career as you help our business meet the challenges of the future. Apply now!
Travel Requirement: Negligible travel should be expected with this role
Relocation Assistance: This role is not eligible for relocation
Remote Type: This position is a hybrid of office/remote working
Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier security management
Information security Engineering specialist in Grange Hill employer: BP Energy
Contact Detail:
BP Energy Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information security Engineering specialist in Grange Hill
✨Tip Number 1
Network like a pro! Reach out to current employees at BP or in the information security field. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
✨Tip Number 2
Prepare for the interview by brushing up on your incident response and risk management knowledge. Be ready to share specific examples of how you've tackled vulnerabilities in the past—this will show you're the real deal!
✨Tip Number 3
Show off your communication skills! Practice explaining complex security concepts in simple terms. This is key when talking to non-technical stakeholders, and it’ll set you apart from other candidates.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in joining our team at BP.
We think you need these skills to ace Information security Engineering specialist in Grange Hill
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in information security, especially around vulnerability management and incident response. We want to see how your skills align with the role at BP PLC!
Showcase Your Communication Skills: Since you'll be communicating with both technical and non-technical stakeholders, it's crucial to demonstrate your ability to translate complex topics into simple language. Use clear examples in your application to show us how you’ve done this before.
Highlight Relevant Experience: Don’t forget to mention any hands-on experience with tools like Qualys or Microsoft Defender for Cloud. We’re looking for specific examples of how you've tackled vulnerabilities or improved security outcomes in your previous roles.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you don’t miss out on any important updates during the process. Let’s get started!
How to prepare for a job interview at BP Energy
✨Know Your Stuff
Make sure you brush up on your knowledge of information security principles, especially around vulnerability management and incident response. Familiarise yourself with tools like Qualys or Microsoft Defender for Cloud, as well as frameworks like ISO 27001 and NIST. This will show that you're not just a candidate, but someone who understands the field.
✨Communicate Clearly
Since the role involves translating complex security topics into business-friendly language, practice explaining technical concepts in simple terms. You might even want to prepare a few examples of how you've done this in the past. This will demonstrate your exceptional communication skills and ability to engage with both technical and non-technical stakeholders.
✨Show Your Problem-Solving Skills
Be ready to discuss specific incidents where you identified root causes and implemented effective solutions. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will highlight your analytical abilities and experience in incident investigations, which are crucial for the role.
✨Ask Insightful Questions
Prepare thoughtful questions about the company's approach to security, their current challenges, and how they measure success in the role. This shows your genuine interest in the position and helps you assess if the company is the right fit for you. Plus, it gives you a chance to engage with your interviewers on a deeper level.