Rodeo
ResourcesPartnersSign in

bp

Information Security Principal

Sunbury-on-Thames
Posted 1 day ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Entity: Technology Job Family Group: IT&S Group

Job Description:

About the role

As the Information Security Principal for Upstream, we will look to you to provide cyber security leadership across our global Upstream business.

You'll be part of our extended Upstream Digital leadership team and the Digital Security discipline.

You'll lead a geographically distributed team across the UK, US and Kuala Lumpur, bringing people together around common goals and helping them thrive in their careers.

Technology is redefining how we operate, from AI and autonomous operations to increasingly connected industrial environments.

How do we unlock these opportunities while keeping our people, operations and data safe and secure? That's where this role comes in.

We believe security should enable the business—not stand in its way.

What you will deliver

You will be accountable for delivering Information Security management across Upstream, ensuring cyber risk is understood, owned and led at the pace the business needs:

  • Business outcomes: Collaborate with the Upstream business leadership to identify and address cyber security risks.
  • Security Expertise: Provide technical expertise in Information Security, implementing operating processes and ensuring alignment to security policies and standards.
  • Team Leadership: Lead, mentor, and develop a resilient team across geographies, aligning with our vision and strategy, encouraging continuous improvement and career progression.
  • Relationship Management: Act as main point of contact for information security for bp Upstream, building strong partnerships and influencing positive change.
  • Incident Management: Collaborate on incident response efforts.
  • Safety: Prioritize operational safety.

What you will need to be successful

Education:

  • Tertiary-level qualification or equivalent work experience.
  • Degree or equivalent experience in Information Security or Computer Science Engineering
  • Relevant certifications such as CISSP, CISM, or CISA are desirable.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Experience:

  • Significant experience in internal or external information security roles.
  • Solid grasp of cyber security frameworks, standards, and good practices.
  • Demonstrable experience working in large enterprise environment.
  • Ability to form effective partnerships with the business and senior management.
  • Experience in oil and gas or energy sector (desired).

Technical Capability

  • Proven grounding in cyber risk, threat modelling, secure-by-design and control effectiveness measurement.
  • Technical knowledge in delivering security solutions and leading security processes.
  • Experience of engaging with regulators and government bodies (e.g., NCSC, CISA).
  • Knowledge of Operational Technology security (ICS/SCADA, DCS, OT network segmentation) is desirable.

Leadership and EQ

  • Build, lead and encourage high-performing global teams and peers, upholding bp's code of conduct and values.
  • Stay up-to-date with the latest cyber security trends, threats, and technologies.
  • Ability to operate in ambiguity, shifting priorities, and rapid decision-making.
  • Excellent executive communication and influencing skills.

Business Capability

  • Act as change agent for the front line and senior leadership.
  • Track record of influencing business outcome based on cyber risk.
  • Ability to translate technical cyber risk into commercial, safety, and regulatory language.
  • Comfortable operating in matrixed, multi-cultural, multi-time-zone environments.

Why join us?

We’re committed to supporting leaders who want to make an impact. At bp, you’ll have the chance to shape and influence outcomes across businesses. You’ll be part of an inclusive environment where diverse perspectives are valued, and where your contribution to performance and integration matters.

We invest in the growth and wellbeing of our people, providing the resources, networks, and development opportunities needed to thrive.

Our total rewards package includes competitive pay, bonuses, share options, and a range of flexible benefits designed to meet your needs — from healthcare and retirement plans to paid time off and agile working. We recognise that people have multifaceted lives, and we strive to offer a career experience that reflects that.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Location

Please note that while the position can be based in our Sunbury office, this will move to Southwark, London by end 2027.

Travel Requirement

Negligible travel should be expected with this role

Relocation Assistance

This role is not eligible for relocation

Remote Type

This position is a hybrid of office/remote working

Skills

Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management

Legal Disclaimer

We are an equal opportunity employer. We do not discriminate on the basis of protected characteristics like race, religion, color, sex, national origin, sexual orientation, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

This careers site is for bp contractors only. Please do not refer or share the role(s) with anyone who is not currently a contractor at bp.

We’re an international energy company with global scale, ambitious plans and a team of brilliant people delivering energy to the world, today and tomorrow.

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Consulting
Incident Investigation And Response
Incident Management
Information Assurance
Information Security
Information Security Behaviour Change
Risk Management
Stakeholder Management
Supplier Relationship Management
Supplier Security Management

Location

London, England, United Kingdom

Sign up to applySee more jobs like this