Entity:

Technology

Job Family Group:

IT&S Group

Job Description:

You will work with:

This team is responsible for safeguarding the company's digital assets and ensuring robust cyber resilience. They cover various aspects of cybersecurity, including threat and exposure management, security engineering, cyber incident response, security DevOps, and insider threat. Each team has specific responsibilities and areas of focus, collaborating closely with other digital security teams and business units to ensure a cohesive approach to cybersecurity.

Each of these teams collaborates closely with other digital security teams, digital core and delivery teams, and various business units to ensure a cohesive and comprehensive approach to cybersecurity.

Let me tell you about the role:

We are looking for an expert and innovative Information Security Engineering Lead to define, govern, and strengthen security across our global AWS environment, supporting critical business operations. This is a player-coach role: you will provide strategic inputs to senior collaborators, establish enterprise-scale security policies, drive governance through automation, and define a roadmap for a resilient cloud ecosystem.

The ideal candidate brings a blend of strategic leadership and hands-on technical expertise, having transitioned from a senior Security Engineer or Architect role. You will ensure compliance with industry regulations, safeguard critical data, and enable secure integration across diverse business environments.

What you will deliver:

• Security Advisory & Strategy – Act as the AWS security SME, advising DevOps and platform teams on secure-by-design principles. Align AWS security strategy with the global business goals and regulatory requirements.
• Policy, Standards & Governance – Improve the global AWS security standards tailed for Oil & Gas, covering data sovereignty, critical infrastructure protection aligned with NIST and other security principles. Implement and improve governance for sophisticated multi-account AWS environments supporting global operations. Conduct deep dive security assessments and “well architected” reviews of critical workloads.
• Engineering & Architecture – Develop and govern landing patterns (accounts, SCPs, logging, detective controls).Improve the security posture of cloud‑native services including containers, serverless (AWS Lambda), and AWS control‑plane APIs by making sure bp service‑specific baseline controls and CNAPP policies via automated guardrails across build, deploy, and runtime.
• Stakeholder Relationships – Build positive relationships across business units and technology ecosystems.
• Safety & Compliance – Champion operational safety and digital security by ensuring AWS security architectures reinforce compliance.

What you will need to be successful (experience and qualifications):

• 14+ years of cyber security experience, including a minimum of 6 years of experience in leading a security engineering team.
• Extensive experience on one of the following areas: Cloud Security (AWS and Azure), Infrastructure Security (IAM, Network, endpoint, etc.), or Data Security(DLP, data lifecycle management, etc.).
• Deep and hands-on experience designing security architectures and solutions for reliable and scalable data infrastructure, cloud and data products in sophisticated environments.
• Experience with automation and scripting for security tasks (e.g., IaC, CI/CD integration) and security tooling (e.g., vulnerability scanners, CNAPP, Endpoint and/or DLP).
• Deep knowledge and hands-on experience in technologies across all data lifecycle stages.
• Foundational knowledge of security standards, industry laws, and regulations such as Payment Card Industry Data Security Standards (PCI-DSS), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and Sarbanes-Oxley (SOX)
• Strong collaborator management and ability to lead teams through managerial and technical influence.
• Continuous learning and improvement approach.

Plus:

• A degree or equivalent experience in computer science or engineering from a recognized institute.
• Certifications like AWS Certified Security Specialty, AWS Solutions Architect Professional, CISSP or CCSP.
• Development experience in one or more object-oriented programming languages (e.g., Python, Scala, Java, C#) and/or development experience in one or more cloud environments (including AWS, Azure, Alibaba, etc.)
• Exposure/experience with full stack development.

About bp:

bp is a global energy business with a purpose to reimagine energy for people and our planet. We aim to be a very different kind of energy company by 2030, helping the world reach net zero and improving people’s lives. We are committed to creating a diverse and inclusive environment where everyone can thrive. Join bp and become part of the team building our future!

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Travel Requirement

Up to 10% travel should be expected with this role

Relocation Assistance:

This role is eligible for relocation within country

Remote Type:

This position is a hybrid of office/remote working

Skills:

Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.