Principal OT Security Enablement

Entity:

Technology

Job Family Group:

IT&S Group

Job Description:

The Principal OT Security Enablement role provides senior technical expertise to support the secure design, deployment, and operation of operational technology (OT) and Process Control Network (PCN) environments across bp. You will translate cybersecurity requirements into practical implementation guidance, partnering with engineering, projects, and operations to ensure our safety-critical systems remain resilient and compliant.

This role strengthens bp’s OT cyber capability by enabling secure-by-design practices and supporting consistent adoption of cybersecurity controls across global P&O assets.

Key Responsibilities

• Lead team of engineers and security professionals charged with interfacing with bp’s global operating sites.
• Identify and prioritize opportunities to develop, standardized or simplify OT/PCN security patterns, reference architectures, configuration baselines, and technical guidance
• Provide senior technical input to engineering teams and projects on secure design, network architecture, system hardening, access management, and OT lifecycle security.
• Support the adoption of secure-by-design principles for OT systems and automation upgrades.
• Conduct or contribute to OT cyber risk assessments, threat modelling, and control gap analyses.
• Participate in assurance activities, technical reviews, deviations/extensions, and compliance checks against bp’s OT security standards and relevant external frameworks (IEC 62443, NIST)/regulations.
• Support OT cyber incident response efforts, including containment guidance, diagnostics, and improvement actions.
• Mentor OT security practitioners and build capability across the Operational Security Management Chapter.
• Partner with sites, projects, engineering authorities, and digital security teams to drive consistent implementation of OT security controls.
• Identify opportunities to streamline, automate, or enhance OT security tooling and processes.
• Promote safe and compliant execution of all OT cybersecurity activities in alignment with bp’s safety principles.

Essential Experience & Skills

• Hands-on experience with OT/ICS technologies (DCS, SCADA, PLC, SIS, historian systems, networks).
• Strong understanding of cybersecurity controls and secure configuration practices for OT environments.
• Experience with OT network segmentation, access control, secure remote access, and system hardening.
• Ability to translate technical requirements into clear, practical guidance for engineering and operations teams.
• Strong communication and stakeholder engagement skills across technical and non-technical audiences.
• Demonstrated ability to collaborate in complex operational settings.
• Alignment with bp’s values, behaviours, and leadership expectations.

Education & Certifications

• Degree in engineering, cybersecurity, computer science, or equivalent experience.
• Professional certifications preferred (GICSP, GCIA, GCIH, CISSP, ISA/IEC 62443 credentials).

Desirable

• Experience in manufacturing, refining, upstream production, or other industrial operations.
• Exposure to OT aspects of capital projects or major operational changes.
• Awareness of OT related regulatory requirements (e.g., NIS2, TSA, CFATS).
• Vendor or contractor oversight experience.

Why Join Us?

We’re committed to supporting leaders who want to make an impact. At bp, you’ll have the chance to shape and influence outcomes across businesses. You’ll be part of an inclusive environment where diverse perspectives are valued, and where your contribution to performance and integration matters.

We invest in the growth and wellbeing of our people, providing the resources, networks, and development opportunities needed to thrive. Our total rewards package includes competitive pay, bonuses, share options, and a range of flexible benefits designed to meet your needs — from healthcare and retirement plans to paid time off and agile working. We recognise that people have multifaceted lives, and we strive to offer a career experience that reflects that!

Apply now!!

Travel Requirement

Up to 10% travel should be expected with this role

Relocation Assistance:

This role is not eligible for relocation

Remote Type:

This position is a hybrid of office/remote working

Skills:

Consulting, incident investigation and response, Incident Management, Information Assurance, Information Security, Information security behaviour change, Risk Management, Stakeholder Management, Supplier Relationship Management, Supplier security management

Legal Disclaimer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp’s recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.

If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.