Operational security management specialist in Sunbury-on-Thames

Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner.

About the role:

As an Operational IS Specialist, you will support information security and risk activities within Operational Security Management. Our Security Operations Center (SOC) is the frontline of defense, responsible for incident response, initial triage, and proactive threat hunting. You will work closely with the Cyber Security Incident Response Team (CSIRT) and business units across bp. As the first point of contact for many, SOC Analysts also play an ambassadorial role—promoting digital security and guiding partners on a wide range of security topics. Working with the SOC Lead in Sunbury, you will be part of a global team dedicated to safeguarding bp’s enterprise, enabling business continuity, and ensuring safe and secure operations worldwide. The position will be based in Sunbury and in line with bp's global hybrid working policy is expected to be office based 3 days per week. In addition, the successful candidate must be available to work Monday to Friday 7 - 4 with weekend work as part of a rotation. Where weekend work is done days off during the week will be provided.

What you will deliver:

• Perform incident detection and response within the SOC, including analysis and escalation of security alerts.
• Investigate security incidents and ensure accurate documentation in SIEM and case management systems.
• Develop and apply SOC processes and procedures, ensuring compliance with standards.
• Collaborate with internal teams, senior partners, and third-party providers to address security and risk issues.
• Find opportunities for process improvement and automation in response to evolving threats.
• Conduct proactive threat hunting and work with the cyber intelligence team to implement risk mitigation measures.
• Uphold bp’s Code of Conduct and model bp’s values and behaviors in all activities.

What you need to be successful:

• Bachelor's degree (e.g., Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications.

Core Skills:

• L1 SOC operations: monitoring, triage, and escalation of security alerts.
• SIEM & cybersecurity tools: log analysis and event correlation.
• EDR solutions: endpoint threat detection and response.
• Cloud security: AWS and Azure fundamentals.
• Threat hunting: proactive identification of risks and IOCs.
• Strong problem-solving and partner management skills.
• Solid knowledge of IT networks, systems, and applications security.

Technical Expertise:

• Security fundamentals: network/host forensics, log analysis, basic malware analysis.
• Technical analysis and troubleshooting.
• Email routing basics.
• Enterprise technologies: Active Directory, Windows, Linux, macOS.
• Understanding attack patterns, vulnerabilities, and TTPs.
• Excellent written and verbal communication.

Leadership & Behavioral:

• Adaptable and agile in a changing environment.
• Effective team player with cultural awareness.
• Organized, balancing multiple priorities.
• Strong judgment and decision-making.
• Aligned with bp’s Code of Conduct and values.

Nice to have:

• COMPTIA Security+ / CYSA+ CASP+
• SANS Certification GSOC; GCIH
• CISSP Certification and accreditation
• Certified Ethical Hacker - CEH
• Cisco Certifications (CCNA or similar)
• Similar/ higher certifications

Why join us?

At bp, we support our people to grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. There are many aspects of our employees’ lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, a generous paid parental leave policy, excellent retirement benefits, among others!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Reinvent your career as you help our business meet the challenges of the future. Apply now!

Travel Requirement: Up to 10% travel should be expected with this role.

Relocation Assistance: This role is not eligible for relocation.

Remote Type: This position is a hybrid of office/remote working.

Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier security management.