Senior Auditor (Digital)

at  BP Energy

ARE YOU LOOKING TO DEVELOP NEW, INDUSTRY LEADING, TECHNICAL SKILLS?

The Senior Auditor role can help you achieve such goals through leading or being a team member on a range of audits across different bp entities, with a particular focus on digital and cyber security. The role also presents opportunities to contribute to the development of the annual audit programme, work with senior collaborators, maintain an understanding of developments impacting digital in bp, coach auditors, and participate in various activities related to the continuous improvement of the Internal Audit function.

Internal Audit’s mission is to “make BP safer and more valuable through our independent insights”. We do this through:

• a programme of ~120 audits per year that consider the management of BP’s significant risks
• working with management to develop ways to better manage risk
• engaging with various bp entities to develop working relationships
• reporting our results, insights and agreed actions to leadership.

We are a global and diverse team of around 130 people, based predominantly in Sunbury, Houston, Budapest, Kuala Lumpur and Baku. The key areas of focus for Information Technology (IT) Audit, include the following digital risk areas:

• cyber security with a focus on network and platform infrastructure security
• compliance with cyber and technology regulations, payment card industry standards
• development, deployment and maintenance of critical IT systems
• risk management over enduring and emerging technology

The role represents an excellent opportunity for you to develop industry-leading internal audit skills, learn new technology, and improve risk management in BP; while broadening your knowledge and understanding of bp’s businesses and operation.
The role is open to individuals with Information Technology risk assurance experience. In-house training will be provided for you to develop auditing, business and leadership skills.

OTHER ACCOUNTABILITIES – NON-AUDIT WORK:

In addition to audit accountabilities, the Senior Auditor will lead or contribute to other functional activities within Internal Audit, such as:

• Supporting the assessment and reporting on the control environment for key risk areas for the purposes of executive and board reporting
• Planning for future years audit programmes
• Development and delivery of learning & development activities
• Maintaining effective working relationships with business partners
• Continuing to enhance Internal Audit’s methodology for key digital and cyber security risks.

Expected behaviours:

• Role modelling conformance with the bp requirements and processes
• Role modelling bp’s ‘Who We Are’ beliefs
• Contributing to HSSE management, Diversity & Inclusion, Ethics & Compliance and other management activities within Internal Audit.

EDUCATION:

Suitably qualified professional with degree, or similar educational background, or extensive relevant work experience

Role Requirements:

• Deep technical experience in design/ operation in areas such as information technology architecture, cloud, network, digital product/platform development, cybersecurity
• Relevant IT risk and control experience (in network security, IT risk or consulting roles) within bp, a similar company or within a relevant professional services organization
• Knowledge and understanding of current and emerging IT risk trends, threats, vulnerabilities and mitigations
• Team lead experience and working / leading virtual and/or global teams
• A proven track record of delivery of audits, relevant risk and controls projects, or line work
• Strong verbal and written communication skills and the ability to land challenging messages
• The ability to learn quickly and identify key risks and controls in unfamiliar business environments
• The ability to navigate the organisation with tact and manage relationships at different levels including senior leaders
• The ability to work independently and manage uncertainty

DESIRABLE EXPERIENCE:

• Audit experience including network and infrastructure security, payment card industry compliance, IT general controls, cyber security and regulatory compliance

SKILLS:

Auditing, Compliance PCI, Digital fluency, Information Technology (IT) Infrastructure, Information Technology (IT) Risk, Information Technology Auditing, Internal Auditing, Internal IT Audit, Network Security, Network Security Architecture, Payment Card Industry (PCI), Stakeholder Engagement, Stakeholder Management, Technical Auditing

• Deep technical experience in design/ operation in areas such as information technology architecture, cloud, network, digital product/platform development, cybersecurity
• Relevant IT risk and control experience (in network security, IT risk or consulting roles) within bp, a similar company or within a relevant professional services organization
• Knowledge and understanding of current and emerging IT risk trends, threats, vulnerabilities and mitigations
• Team lead experience and working / leading virtual and/or global teams
• A proven track record of delivery of audits, relevant risk and controls projects, or line work
• Strong verbal and written communication skills and the ability to land challenging messages
• The ability to learn quickly and identify key risks and controls in unfamiliar business environments
• The ability to navigate the organisation with tact and manage relationships at different levels including senior leaders
• The ability to work independently and manage uncertaint