Operational Security Management Specialist (SOC)
bp
a day ago
Posted datea day ago
N/A
Minimum levelN/A
Job Description:
Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!
Technology is making a difference in bp's plans toinvest in today's energy system and help build tomorrow's.As an expertcommunity of science, safety and security, as well as digital specialists, our aim isto advance and protect bp.We use our expertise to help improve efficiency, increase effectiveness and harness the transformational potential of digital technologies to deliver value.
BP has embarked on an ambitious plan to modernize and transform as an integrated energy company, using digital technologies to drive efficiency, effectiveness, and new business models. As an Operational IS Specialist, you will be responsible for supporting information security and risk activities for Operational Security Management.
The Security Operations Center is responsible for monitoring and responding to incidents, performing initial triage and response, and calling out serious threats to members of the Cyber Security Incident Response Team (CSIRT) and the various business entities in BP. The SOC Analyst is the first point of contact many have with the Digital Security organization and therefore we also have an ambassadorial role in promoting Digital Security to the wider bp. As such, they must be knowledgeable about the various business segments and be able to answer, or direct to others, security-related questions covering a wide range of topics.
Collaborating with the SOC Lead in Malaysia, you will work as part of the distributed team globally to provide security across the enterprise that enables business activity and promotes safe and secure operations.
Key Accountabilities
Essential Experience and Job Requirements:
Technical capability
Essential:
Leadership and EQ
Desirable criteria
• COMPTIA Security+ / CYSA+ CASP+
• SANS Certification GSOC; GCIH
• CISSP Certification and accreditation
• Certified Ethical Hacker - CEH
• Cisco Certifications (CCNA or similar)
• Similar/ higher certifications
Additional Information
This role will require shift work during USA morning, afternoon and early evening hours with coverage 7 days per week based on a rotating schedule. Typically, analysts will be required to be on shift every fourth weekend. The exact working hours and shift pattern can be subject to change.
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon alignment to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
Travel Requirement
Negligible travel should be expected with this role
Relocation Assistance:
This role is not eligible for relocation
Remote Type:
This position is a hybrid of office/remote working
Skills:
Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
Our purpose is to deliver energy to the world, today and tomorrow. For over 100 years, bp has focused on discovering, developing, and producing oil and gas in the nations where we operate. We are one of the few companies globally that can provide governments and customers with an integrated energy offering. Delivering our strategy sustainably is fundamental to achieving our ambition to be a net zero company by 2050 or sooner!
Technology is making a difference in bp's plans toinvest in today's energy system and help build tomorrow's.As an expertcommunity of science, safety and security, as well as digital specialists, our aim isto advance and protect bp.We use our expertise to help improve efficiency, increase effectiveness and harness the transformational potential of digital technologies to deliver value.
BP has embarked on an ambitious plan to modernize and transform as an integrated energy company, using digital technologies to drive efficiency, effectiveness, and new business models. As an Operational IS Specialist, you will be responsible for supporting information security and risk activities for Operational Security Management.
The Security Operations Center is responsible for monitoring and responding to incidents, performing initial triage and response, and calling out serious threats to members of the Cyber Security Incident Response Team (CSIRT) and the various business entities in BP. The SOC Analyst is the first point of contact many have with the Digital Security organization and therefore we also have an ambassadorial role in promoting Digital Security to the wider bp. As such, they must be knowledgeable about the various business segments and be able to answer, or direct to others, security-related questions covering a wide range of topics.
Collaborating with the SOC Lead in Malaysia, you will work as part of the distributed team globally to provide security across the enterprise that enables business activity and promotes safe and secure operations.
Key Accountabilities
- Undertake Incident monitoring, detection and response activities in the SOC
- Analyze and investigate security alerts and incidents with appropriate critical issue in support of the business
- Develop the implementation and application of relevant operating processes and procedures, and ensures all activities adhere to the relevant standards.
- Ensure data accuracy within the SIEM, case management system and others.
- Liaise with various teams and senior partners across BP to advise on information security and risk and manages third party service providers that are helping to deliver related projects as required.
- Seeks opportunities for continuous improvement and automation within the specialism in response to internal and external developments.
- Develop and undertake threat hunting opportunities within the Security Operations Centre in addition to collaborating closely with the cyber intelligence team to identify proactive risk mitigation measures.
- Aligns with BP's Code of Conduct and models BP's Values & Behaviors.
- Essential Education:
- Bachelor's degree (e.g., Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications.
Essential Experience and Job Requirements:
- L1 SOC experience
- Knowledge of SIEM and Cyber toolsets
- EDR experience
- Knowledge of cloud platforms such as AWS and Azure
- Threat Hunting methods
- Strong problem-solving skills as applied to technical solutions
- Meaningful experience of information security and risk
- Sound technical knowledge of security as applied to IT Networks, systems, and applications
- Strong partner leadership skills
Technical capability
Essential:
- Good understanding of security fundamentals including network and host forensics, log analysis and basic malware analysis
- Deep technical analysis ability
- Understand the basics of email routing
- Understanding of core enterprise technologies such as Active directory, Windows OS, MAC OS, Linux etc.
- Understanding of adversarial attack patterns, vulnerabilities and TTPs
- Strong written and verbal communication skills
Leadership and EQ
- You embrace a culture of change and agility, evolving continuously, adapting to our changing world.
- You are an effective teammate, looking beyond your own area/organizational boundaries to consider the bigger picture and/or perspective of others, while understanding cultural differences
- You continually enhance your self-awareness and seek input from others on your impact and effectiveness
- Well organized, you balance proactive and reactive approaches and multiple priorities to complete tasks on time
- You apply judgment and common sense - you use insight and good judgment to inform actions and respond to situations as they arise
- You align with BP's Code of Conduct and demonstrate strong leadership through BP's Leadership Expectations and Values & Behaviours
Desirable criteria
• COMPTIA Security+ / CYSA+ CASP+
• SANS Certification GSOC; GCIH
• CISSP Certification and accreditation
• Certified Ethical Hacker - CEH
• Cisco Certifications (CCNA or similar)
• Similar/ higher certifications
Additional Information
This role will require shift work during USA morning, afternoon and early evening hours with coverage 7 days per week based on a rotating schedule. Typically, analysts will be required to be on shift every fourth weekend. The exact working hours and shift pattern can be subject to change.
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon alignment to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
Travel Requirement
Negligible travel should be expected with this role
Relocation Assistance:
This role is not eligible for relocation
Remote Type:
This position is a hybrid of office/remote working
Skills:
Automation system digital security, Client Counseling, Conformance review, Digital Forensics, Incident management, incident investigation and response, Information Assurance, Information Security, Information security behaviour change, Intrusion detection and analysis, Legal and regulatory environment and compliance, Risk Management, Secure development, Security administration, Security architecture, Security evaluation and functionality testing, Solution Architecture, Stakeholder Management, Supplier security management, Technical specialism
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
JOB SUMMARY
Operational Security Management Specialist (SOC)
bp
Bandar Kuala Lumpur
a day ago
N/A
Full-time
Operational Security Management Specialist (SOC)