Information Security Engineering Specialist

We are seeking an Information Security Engineering Specialist to support a dedicated team that empowers security professionals and software engineers to develop, deploy, and maintain security standards, secure applications, and automation solutions.

In this role, you will champion secure policies across cloud, infrastructure, and data teams, identify vulnerabilities, provide actionable remediation insights, and promote the adoption of robust security practices. Staying current on industry trends and technology advancements, you will play a vital role in strengthening bp's cybersecurity posture and fostering a culture of security excellence.

Join a dynamic team responsible for responding to and managing cyber incidents using an intelligence‑driven approach. This team focuses on identifying, mitigating, and rapidly responding to threats that protect bp on a global scale. Leveraging lessons learned and data analytics, they define engineering principles and continuously enhance bp's cybersecurity technology stack.

• Develop and implement platform security standards and co‑design security schemas to ensure quality at the infrastructure build and configuration stage. Identify opportunities to automate manual security processes wherever feasible.
• Collaborate with business partners to implement security strategies and coordinate remediation efforts to ensure products meet safety and compliance requirements.
• Act as a subject matter expert in at least one core domain—cloud, infrastructure, or data.
• Provide hands‑on support to teams on secure configurations and remediation approaches.
• Align security strategy, processes, and decision‑making across multiple teams.
• Actively participate in governance frameworks and contribute to an inclusive, collaborative environment with engineers, developers, product owners, and managers.
• Drive the evolution of the security roadmap to anticipate and address future challenges.
• Offer technical guidance and manage dependencies and risks for squads and teams.
• Develop and communicate materials to help embed and measure security across cloud, infrastructure, and data environments.
• Mentor peers and promote continuous learning and professional development.

• 3+ years in security engineering or technical infrastructure roles.
• Minimum 3 years of cybersecurity experience focused on one or more of these areas: Cloud (AWS, Azure), Infrastructure (IAM, networking,), or Data (DLP, data lifecycle management).
• Hands‑on experience designing scalable, secure architectures for data infrastructure, cloud, and data products in complex environments.
• Development experience in one or more object‑oriented languages such as Python, Scala, Java, or C#, and/or cloud development experience (AWS, Azure, Alibaba, etc.).
• Familiarity with full‑stack development.
• Proficiency with automation and scripting for security tasks, including infrastructure as code (IaC), CI/CD integration, and security tooling (e.g., vulnerability scanners, CNAPP, endpoint security, DLP).
• In‑depth knowledge of technologies covering all stages of the data lifecycle.
• Foundational understanding of security standards and regulations including PCI‑DSS, GDPR, CCPA, and SOX.
• Strong collaboration and influencing skills with the ability to guide teams through technical challenges.
• Commitment to continuous learning and improvement.

At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work‑life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others. We support our people to learn and grow in a diverse and challenging environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.

There are many aspects of our employees' lives that are meaningful, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and many others benefits.

Reinvent your career as you help our business meet the challenges of the future.

Negligible travel should be expected with this role.

This role is not eligible for relocation.

This position is a hybrid of office/remote working.

Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending on your role, your employment may be contingent upon adherence to local policy. This may include pre‑placement drug screening, medical review of physical fitness for the role, and background checks.