Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Protect digital assets and enhance security through incident response and risk management.
- Company: Join BP PLC, a leader in energy and technology with a focus on innovation.
- Benefits: Enjoy flexible working, health insurance, and opportunities for personal growth.
- Why this job: Make a real impact in cybersecurity while developing your skills in a dynamic environment.
- Qualifications: Experience in information security and strong communication skills are essential.
- Other info: Diverse and inclusive culture with excellent career development opportunities.
The predicted salary is between 36000 - 60000 ÂŁ per year.
Our purpose is to bring together people, energy and markets to power and navigate a changing world. In a time of constant change and possibility we need new talent to pursue commercial opportunities, fuelled by world-class insight and expertise. We’re always striving for more innovative digital solutions, sustainable outcomes and closer collaboration across our company and beyond, and you could be part of that too.
About the Role:
As an Information Security Engineering Specialist at BP PLC, you will play a critical role in safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines.
Key Accountabilities:
- Vulnerability & Exposure Management
- Leading efforts to identify, prioritise, and track vulnerabilities across cloud and on‑prem environments
- Advising system owners, developers, and platform teams on remediation and configuration hardening and risk reduction
- Providing hands‑on support to reduce risk and improve security outcomes
- Security Advisory & Support
- Assisting technology teams in resolving exposure issues related to identity, network security, posture management, and secure configurations
- Acting as a security advocate, delivering clear written and verbal communication to technical and non‑technical stakeholders
- Creating and delivering training, awareness materials, and briefings to enhance security maturity
- Offering excellent customer service by supporting various business units through best‑practice guidance and responsive problem‑solving
- Incident Response & Assurance
- Leading and participating in incident investigations to identify root causes and implement effective solutions
- Providing expert consulting on secure design, implementation, and operations
- Contributing to the development and continuous improvement of information assurance frameworks and policies
- Platform Ownership
- Serving as a key contact for our vulnerability management platform supporting users in effective adoption and day‑to‑day usage
- Ensuring the platform is well‑configured, reliable, and used effectively across the organisation
- Championing new features and capabilities to continuously improve vulnerability visibility, prioritisation, and remediation outcomes.
Essential Experience and Job Requirements:
- Proven experience in information security, especially in vulnerability or exposure remediation
- Hands‑on experience with incident management, SIEM tools, and incident response platforms
- Experience working with vulnerability management or cloud-native security tools (e.g., Qualys, Wiz, Microsoft Defender for Cloud)
- Solid understanding of information assurance frameworks and compliance (ISO 27001, NIST, etc.)
- Knowledge of risk management principles, including assessment and mitigation
- Exceptional communication skills with the ability to translate complex topics into business‑friendly language
- Customer service experience—showing empathy, active listening, and a solutions‑focused approach when supporting partners
- Strong analytical and problem‑solving skills, especially during incident investigations
- Effective stakeholder management and relationship‑building abilities
- Cloud certifications (AWS, Azure) or security certifications (CISSP, CISM, GCIH, CCSP) are highly desirable
- A degree in Computer Science, IT, Cybersecurity, or equivalent practical experience
Why join us?
At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others. We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.
There are many aspects of our employees’ lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and others benefits.
Reinvent your career as you help our business meet the challenges of the future. Apply now!
Travel Requirement: Negligible travel should be expected with this role
Relocation Assistance: This role is not eligible for relocation
Remote Type: This position is a hybrid of office/remote working
Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier security management
Information security Engineering specialist in Sunbury-on-Thames employer: BP Energy
Contact Detail:
BP Energy Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information security Engineering specialist in Sunbury-on-Thames
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with current employees at BP. A friendly chat can sometimes lead to opportunities that aren’t even advertised!
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies showcasing your experience in incident response and vulnerability management. This will help you stand out during interviews and demonstrate your hands-on expertise.
✨Tip Number 3
Practice makes perfect! Get ready for those technical interviews by brushing up on your knowledge of security frameworks and tools. Mock interviews with friends or mentors can really boost your confidence.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in joining our team at BP.
We think you need these skills to ace Information security Engineering specialist in Sunbury-on-Thames
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Engineering Specialist role. Highlight your experience with vulnerability management and incident response, and don’t forget to mention any relevant certifications you have!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your skills align with our mission at BP. Keep it concise but impactful!
Showcase Your Communication Skills: Since you'll be working with both technical and non-technical stakeholders, it's crucial to demonstrate your ability to communicate complex topics clearly. Use examples in your application that showcase this skill.
Apply Through Our Website: We encourage you to apply through our website for the best chance of being noticed. It’s straightforward and ensures your application goes directly to us. Don’t miss out on this opportunity!
How to prepare for a job interview at BP Energy
✨Know Your Stuff
Make sure you brush up on your knowledge of information security principles, especially around vulnerability management and incident response. Familiarise yourself with tools like Qualys or Microsoft Defender for Cloud, as well as frameworks like ISO 27001 and NIST. This will show that you're not just a candidate, but someone who understands the field.
✨Communicate Clearly
Since the role involves translating complex security topics into business-friendly language, practice explaining technical concepts in simple terms. You might even want to prepare a few examples of how you've done this in the past. This will demonstrate your exceptional communication skills and ability to engage with both technical and non-technical stakeholders.
✨Show Your Problem-Solving Skills
Be ready to discuss specific incidents where you identified root causes and implemented effective solutions. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will highlight your analytical abilities and experience in incident investigations, which are crucial for the role.
✨Ask Insightful Questions
Prepare thoughtful questions about the company's approach to security, their current challenges, or how they measure success in the role. This shows your genuine interest in the position and helps you assess if the company is the right fit for you. Plus, it gives you a chance to engage with your interviewers on a deeper level.