Job Description:
Do you want to make a difference to the management of significant risks in BP?
Are you looking to apply your business experience in new areas?
Are you interested in improving risk management and influencing senior management to take action?
Are you looking to develop new, industry leading, technical skills?
The Senior Auditor role can help you achieve such goals through leading or being a team member on a range of audits across different bp entities, with a particular focus on digital and cyber security. The role also presents opportunities to contribute to the development of the annual audit programme, work with senior collaborators, maintain an understanding of developments impacting digital in bp, coach auditors, and participate in various activities related to the continuous improvement of the Internal Audit function.
Internal Audit's mission is to "make BP safer and more valuable through our independent insights". We do this through:
* a programme of ~120 audits per year that consider the management of BP's significant risks
* working with management to develop ways to better manage risk
* engaging with various bp entities to develop working relationships
* reporting our results, insights and agreed actions to leadership.
We are a global and diverse team of around 130 people, based predominantly in Sunbury, Houston, Budapest, Kuala Lumpur and Baku. The key areas of focus for Information Technology (IT) Audit include the following digital risk areas:
* cyber security with a focus on network and platform infrastructure security
* compliance with cyber and technology regulations, payment card industry standards
* development, deployment and maintenance of critical IT systems
* risk management over enduring and emerging technology
The role represents an excellent opportunity for you to develop industry-leading internal audit skills, learn new technology, and improve risk management in BP; while broadening your knowledge and understanding of bp's businesses and operations.
The role is open to individuals with Information Technology risk assurance experience. In-house training will be provided for you to develop auditing, business and leadership skills.
As an audit lead, the Senior Auditor will:
* Identify and understand relevant risks and controls for each audit; and develop a Terms of Reference and test plan to audit these effectively
* Apply experience and subject matter expertise to provide insights to improve how risks are managed and identify process and performance improvement opportunities
* Lead discussions with auditees and other senior collaborators in the execution and reporting of audit fieldwork
* Manage relationships with business partners, delivering updates on the progress of audit work
* Lead, motivate and engage the audit team to ensure quality execution of testing and conformance with Internal Audit methodology and requirements
* Manage issues as they arise during audit work, raising to the senior audit manager and VP as necessary
* Write reports and communicate audit findings professionally, and with respect, to audit and business partners.
As an audit team member, the Senior Auditor will:
* Conduct audit fieldwork with rigour in line with Internal Audit's methodology
* Apply experience and subject matter expertise to audit test areas assigned
* Support the lead auditor and other team members as required to ensure effective and timely audit delivery
* Provide coaching to other team members
* Engage with business partners professionally and sensitively, and act as an ambassador for Internal Audit.
Other Accountabilities - Non-audit work:
In addition to audit accountabilities, the Senior Auditor will lead or contribute to other functional activities within Internal Audit, such as:
* Supporting the assessment and reporting on the control environment for key risk areas for the purposes of executive and board reporting
* Planning for future years' audit programmes
* Development and delivery of learning & development activities
* Maintaining effective working relationships with business partners
* Continuing to enhance Internal Audit's methodology for key digital and cyber security risks.
Expected behaviours:
* Role modelling conformance with the bp requirements and processes
* Role modelling bp's 'Who We Are' beliefs
* Contributing to HSSE management, Diversity & Inclusion, Ethics & Compliance and other management activities within Internal Audit.
Education:
Suitably qualified professional with degree, or similar educational background, or extensive relevant work experience.
Role Requirements:
* Deep technical experience in design/operation in areas such as information technology architecture, cloud, network, digital product/platform development, cybersecurity
* Relevant IT risk and control experience (in network security, IT risk or consulting roles) within bp, a similar company or within a relevant professional services organization
* Knowledge and understanding of current and emerging IT risk trends, threats, vulnerabilities and mitigations
* Team lead experience and working/leading virtual and/or global teams
* A proven track record of delivery of audits, relevant risk and controls projects, or line work
* Strong verbal and written communication skills and the ability to land challenging messages
* The ability to learn quickly and identify key risks and controls in unfamiliar business environments
* The ability to navigate the organisation with tact and manage relationships at different levels including senior leaders
* The ability to work independently and manage uncertainty
Desirable experience:
* Audit experience including network and infrastructure security, payment card industry compliance, IT general controls, cyber security and regulatory compliance
Additional information:
* The typical travel requirement for the role is approximately 50% depending on circumstances, such as base location and the annual audit programme.
* Internal Audit operates on a principle of eight rounds of fieldwork per year for auditors to plan and prepare for their audit travel several months in advance.
Why join us?
At bp, we provide an excellent working environment and employee benefits such as an open and inclusive culture, a great work-life balance, tremendous learning and development opportunities to craft your career path, life and health insurance, medical care package and many others.
We support our people to learn and grow in a diverse and exciting environment. We believe that our team is strengthened by diversity. We are committed to crafting an inclusive environment in which everyone is respected and treated fairly.
There are many aspects of our employees' lives that are significant, so we offer benefits to enable your work to fit with your life. These benefits can include flexible working options, collaboration spaces in a modern office environment, and others benefits.
Thinking about applying? Learn more about our amazing discretionary UK reward and benefits to help you get the most out of work and life.
Travel Requirement:
Up to 50% travel should be expected with this role.
Relocation Assistance:
This role is not eligible for relocation.
Remote Type:
This position is a hybrid of office/remote working.
Skills:
Auditing, Compliance PCI, Digital fluency, Information Technology (IT) Infrastructure, Information Technology (IT) Risk, Information Technology Auditing, Internal Auditing, Internal IT Audit, Network Security, Network Security Architecture, Payment Card Industry (PCI), Stakeholder Engagement, Stakeholder Management, Technical Auditing.
Legal Disclaimer:
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, socioeconomic status, neurodiversity/neurocognitive functioning, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us.
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.
#J-18808-Ljbffr