Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Protect digital assets and enhance information security through innovative solutions.
- Company: Join BP PLC, a leader in energy and technology with a focus on collaboration.
- Benefits: Enjoy flexible working, health insurance, and endless learning opportunities.
- Why this job: Make a real impact in safeguarding information systems and driving security maturity.
- Qualifications: Experience in information security and strong communication skills are essential.
- Other info: Be part of a diverse team committed to inclusivity and professional growth.
The predicted salary is between 36000 - 60000 £ per year.
Our purpose is to bring together people, energy and markets to power and navigate a changing world. In a time of constant change and possibility we need new talent to pursue commercial opportunities, fuelled by world-class insight and expertise. We are always striving for more innovative digital solutions, sustainable outcomes and closer collaboration across our company and beyond, and you could be part of that too.
About the Role: As an Information Security Engineering Specialist at BP PLC, you will play a critical role in safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines.
Key Accountabilities:
- Vulnerability & Exposure Management
- Leading efforts to identify, prioritise, and track vulnerabilities across cloud and on-prem environments.
- Advising system owners, developers, and platform teams on remediation and configuration hardening and risk reduction.
- Providing hands-on support to reduce risk and improve security outcomes.
- Security Advisory & Support
- Assisting technology teams in resolving exposure issues related to identity, network security, posture management, and secure configurations.
- Acting as a security advocate, delivering clear written and verbal communication to technical and non-technical stakeholders.
- Creating and delivering training, awareness materials, and briefings to enhance security maturity.
- Offering excellent customer service by supporting various business units through best-practice guidance and responsive problem-solving.
- Incident Response & Assurance
- Leading and participating in incident investigations to identify root causes and implement effective solutions.
- Providing expert consulting on secure design, implementation, and operations.
- Contributing to the development and continuous improvement of information assurance frameworks and policies.
- Platform Ownership
- Serving as a key contact for our vulnerability management platform supporting users in effective adoption and day-to-day usage.
- Ensuring the platform is well-configured, reliable, and used effectively across the organisation.
- Championing new features and capabilities to continuously improve vulnerability visibility, prioritisation, and remediation outcomes.
Essential Experience and Job Requirements:
- Proven experience in information security, especially in vulnerability or exposure remediation.
- Hands-on experience with incident management, SIEM tools, and incident response platforms.
- Experience working with vulnerability management or cloud-native security tools (e.g., Qualys, Wiz, Microsoft Defender for Cloud).
- Solid understanding of information assurance frameworks and compliance (ISO 27001, NIST, etc.).
- Knowledge of risk management principles, including assessment and mitigation.
- Exceptional communication skills with the ability to translate complex topics into business-friendly language.
- Customer service experience showing empathy, active listening, and a solutions-focused approach when supporting partners.
- Strong analytical and problem-solving skills, especially during incident investigations.
- Effective stakeholder management and relationship-building abilities.
- Cloud certifications (AWS, Azure) or security certifications (CISSP, CISM, GCIH, CCSP) are highly desirable.
- A degree in Computer Science, IT, Cybersecurity, or equivalent practical experience.
Why join us?
At BP, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others. We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly. There are many aspects of our employees' lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and others benefits. Reinvent your career as you help our business meet the challenges of the future. Apply now!
Travel Requirement: Negligible travel should be expected with this role.
Relocation Assistance: This role is not eligible for relocation.
Remote Type: This position is a hybrid of office/remote working.
Skills: Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier security management.
Information security Engineering specialist in Sunbury employer: BP Energy
Contact Detail:
BP Energy Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information security Engineering specialist in Sunbury
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with current employees at BP. A friendly chat can sometimes lead to opportunities that aren’t even advertised.
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies that highlight your experience in information security, especially around incident response and vulnerability management. This will give you an edge during interviews.
✨Tip Number 3
Practice makes perfect! Conduct mock interviews with friends or use online platforms to refine your responses. Focus on translating complex security concepts into simple terms, just like you’d need to do with non-technical stakeholders.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining our team at BP.
We think you need these skills to ace Information security Engineering specialist in Sunbury
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Engineering Specialist role. Highlight your relevant experience in incident response and vulnerability management, and don’t forget to mention any cloud certifications you have!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your skills align with our mission at BP. Keep it concise but impactful!
Showcase Your Communication Skills: Since you'll be working with both technical and non-technical stakeholders, it's crucial to demonstrate your ability to communicate complex topics clearly. Use examples from your past experiences to illustrate this in your application.
Apply Through Our Website: We encourage you to apply directly through our website for the best chance of success. It’s straightforward and ensures your application gets to the right people quickly. Plus, we love seeing applications come through our own channels!
How to prepare for a job interview at BP Energy
✨Know Your Stuff
Make sure you brush up on your knowledge of information security, especially around vulnerability management and incident response. Familiarise yourself with tools like Qualys and Microsoft Defender for Cloud, as well as frameworks like ISO 27001 and NIST. This will help you answer technical questions confidently.
✨Communicate Clearly
Since you'll be dealing with both technical and non-technical stakeholders, practice explaining complex security concepts in simple terms. Use examples from your past experiences to illustrate your points. This will show that you can bridge the gap between tech and business effectively.
✨Show Your Problem-Solving Skills
Prepare to discuss specific incidents you've managed or resolved in the past. Highlight your analytical skills and how you approached problem-solving during those situations. This will demonstrate your capability in incident investigations and your proactive approach to risk management.
✨Be a Team Player
Emphasise your experience in collaborating with different teams. Share examples of how you've supported technology teams in resolving security issues or delivered training materials. This will showcase your customer service mindset and ability to build relationships across the organisation.