Cyber Security Incident Response (CSIRT) Specialist

About the position About us Our purpose is to bring together people, energy and markets to power and navigate a changing world. In a time of constant change and possibility we need new talent to pursue commercial opportunities, fueled by world-class insight and expertise. We’re always striving for more innovative digital solutions, sustainable outcomes and closer collaboration across our company and beyond, and you could be part of that too. Together we continue to grow as the world’s leading energy company! The Cyber Security Incident Response Team (CSIRT), part of Counter Threat & Engineering (CT&E), responds to digital security threats and incidents globally from bp hubs in Houston, Sunbury, Kuala Lumpur, Pune, and Singapore. The Security Operations Center (SOC) escalates incidents to CSIRT, which conducts long-term investigations using digital forensics, advanced techniques, and collaborating across bp. Team members must understand bp’s business segments and address a broad range of security-related questions. You will help ensure enterprise security, enabling safe and secure business operations as part of this global team. Responsibilities • Support the bp SOC as an escalation point for security events and incidents. • Conduct digital forensic investigations on high-priority incidents to include functions such as host (disk and memory) forensics, network forensics and log analysis. • Work across Digital Security and the bp business functions to partner on incidents and to ensure all appropriate actions are being actioned and communicated • Conduct advanced threat hunting by using threat intelligence and the MITRE ATT&CK framework to proactively identify suspicious activity in the environment. • Ensure data accuracy within the case management system and others. • When not actively responding to incidents, other key responsibilities within the role include development of documentation and processes such as playbooks, refining your skills through training opportunities and identifying and enhancing the capabilities of the team by developing opportunities for automation (i.e., custom scripts and tool integration) Requirements • Bachelor's degree (e.g. Information Security, Network Security, Information Assurance, Information Technology, Computer Science) or equivalent experience and/or qualifications. Nice-to-haves • COMPTIA Security+ / CYSA+ CASP+ • SANS Certification GSOC; GCIH; GCFA; GCFE; GCFR • CISSP Certification and accreditation • Certified Ethical Hacker - CEH • Cisco Certifications (CCNA or similar) • Similar/ higher certifications Benefits • At bp, we support our people to learn and grow in a diverse and challenging environment. • We believe that our team is strengthened by diversity. • We are committed to encouraging an inclusive environment in which everyone is respected and treated fairly. • There are many aspects of our employees’ lives that are meaningful, so we offer benefits to enable your work to fit with your life. • These benefits can include flexible working options, a generous paid parental leave policy, and excellent retirement benefits, among others!