Cyber Security Lead

Job Title: Cyber Security Lead

Department: IT&Digital

Reporting to: Head of Infrastructure and IT Operations

Role location: London HQ, UK

 

About Lightsource bp

Lightsource bp is a global leader in the development and management of solar energy projects. We are a 50:50 joint venture with bp with a mission to help drive the world’s transition to low carbon energy. 

With solar set to increase tenfold in the next 20 years, we are well-positioned to capitalise on this growth. By joining the Lightsource bp team, you will ‘be the change’ on the world’s energy transition to a more sustainable future.

We pride ourselves on our entrepreneurial spirit as we continue to push the boundaries of an ever-changing energy landscape. By choosing a career with us, you can expect a challenging and fulfilling role surrounded by people who are passionate and have brilliant ideas about sustainable technology, innovation and making the world a better place.

 

What You'll do (the role)

 

Summary 

Lightsource bp are looking for an experienced Cyber Security Lead to join our expanding Cyber Security function within the IT & Digital department. This role will have a global focus with the ability to influence policy and direction across the entire company. 

Duties and Responsibilities 

• Act as a subject matter expert for our business areas and key stakeholders, providing advice and guidance on security best practices 

• Develop and implement policies, procedures and standards that meet existing and newly developed policy and regulatory requirements 

• Perform security reviews and assessments for products, technologies, and services 

• Input into designs and architectures from a security perspective across both Lightsource bp’s IT and OT environments 

• Lead on enterprise-wide application security posture management and provide assurance around vulnerability remediation 

• Create and lead a programme of targeted continuous improvement projects 

• Address questions from internal and external audits and examinations 

• Contribute to IT security/risk training for the group, promoting awareness of applicable regulatory standards, upstream risks and industry best practices. 

• Stay up-to-date on the changing threat landscape 

• Build and foster strong relationships with our key security partners 

• Work closely with our Governance, Risk Management and Data Protection teams. 

 

Who we're looking for

 

Knowledge, Skills and Experience 

• Strong knowledge of industry standards and regulatory requirements for Operational Technology (ISA/IEC 62443, NIST CSF 2, NERC CIP and SOCI) 

• Experience implementing relevant industry standards (ISO 27001, Cyber Essentials Plus, GDPR) 

• Knowledge of Incident Management frameworks, security incident analysis, digital forensics, crisis management, SOC operations and supporting tools 

• Strong understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defence and intelligence frameworks 

• Experience in a technically focused senior Cyber Security role with a global focus 

• Experience in conducting, managing, or coordinating security testing or assurance activities 

• Experience with implementation of a zero trust IT security model 

• Demonstrated experience in cloud-based infrastructure with a focus on Microsoft Azure, M365, Entra ID. Use of Azure Sentinel (SIEM), Defender XDR, Purview and Tenable (Nessus) is highly desirable 

• Experience in incident response and overseeing operational improvement actions such as development and tuning of security monitoring, alerting, and reporting. 

• Able to lead and develop a team of cyber security professionals 

• Able to manage a diverse workload, and able to communicate effectively with technical teams, project managers and key stakeholders 

• Exceptional customer facing skills, with the ability to present technical information to non-technical individuals 

Qualifications  

• Qualification such as: Certified Cyber Professional (CCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Privacy Professional/Europe (CIPP/E), Certified Information Privacy Manager (CIPM), Microsoft Security (SC-200, AZ-500, MS-500) 

• NIST Cybersecurity Framework (NCSF) Practitioner 

 

Why You'll make a great member of the team 

 

Personal qualities  

• Proactive problem-solver who independently identifies improvement opportunities and seeks to act on them 

• Able to provide a high level of service to users 

• Ability to operate independently in a dynamic and fast-paced environment 

• Ability to prioritise and work on multiple projects concurrently 

• Intellectually flexible, honest, transparent, and straightforward 

• Passion for driving compliance, customer satisfaction and improvement through leadership 

• Detail orientated 

• Able to represent Lightsource bp values of Safety, Integrity, Safety, Sustainability and Drive 

 

Why you'll want to work for us 

Our company is a place where you can be yourself and grow – a place where your ideas and opinions matter. 

Be you 

We pride ourselves on being an inclusive community, where every individual is valued and treated with respect. 

Be responsible 

Our culture is driven by our core values. From operating safely to ensuring our solar projects are responsible and promote biodiversity.  

Be recognised 

Alongside a competitive salary, we offer a variety of benefits including annual bonus, retention bank, health insurance, pension, and other local benefits. 

Be inspired 

Join an agile, international team working across 15 countries to power the future and positively impact people, communities, ecosystems and biodiversity across the world. 

Our core values 

Lightsource bp truly cares about creating a sustainable future through safe, responsible and meaningful low-carbon energy projects. Our core values of Safety, Integrity, Respect, Sustainability and Drive are the guiding principles for everything we do.   

https://www.lightsourcebp.com/careers/