Digital Security GRC Platform Owner

Responsibilities

• Platform & Process Ownership
• Own and evolve GRC platform ecosystem requirements (ServiceNow / ADO and supporting tools)
• Design and maintain standardized GRC processes
• Drive automation and simplification
• Governance & Decision Authority
• Serve as primary decision authority
• Define required level of control
• Enforce governance policies
• Conformance Reporting
• Identify conformance reporting requirements and recipients
• Deliver conformance reporting, as required
• Cross-Functional Leadership
• Coordinate across Digital Security, EA, delivery teams, procurement
• Guide teams through requirements
• Risk Management & Advisory
• Coordinate the e valuat ion of solutions and vendors for risk
• Provide risk-informed recommendations
• Provide risk-informed approvals for new systems, integrations, and changes
• Product & Backlog Ownership
• Own GRC backlog and roadmap
• Prioritize enhancements
• Process Definition & Documentation
• Develop and maintain GRC procedures and frameworks
• Ensure clarity and accessibility
• Performance & Continuous Improvement
• Track cycle time and quality metrics
• Drive improvements
• Qualifications & Experience
• Combined 10 years' experience (minimum 2 each) in
• GRC in combined IT and OT environments
• A nalytics, metrics and process development
• Technology management
• Bachelor's degree in an engineering or technical field
• Hands-on experience with at least one major GRC platform ( Archer , ServiceNow , OneTrust )
• Demonstrated a bility to lead cross-functional initiatives
• Strong analytical and communication skills
• Key Competencies
• Process Ownership & Optimization
• Governance & Risk Management
• Purdue model technology risk analysis
• Cross-Functional Leadership
• Product / Platform Thinking
• Decision-Making & Accountability
• AI G overnanc e and Risk Assessment
• Oil and Gas Industry GRC Experience
• Role Positioning
• It will lead 1 to 2 dedicated offshore support resources to grow the platform from its current state (heavily focused on risk assessments) to a mature state with full policy and compliance program documentation review and publishing.
• It will coordinate with Digital Security Engineering for technical cyber security system review and risk assessment , and with Digital Security Data Governance for information protection assurance.
• Salary and Benefits
• *Note that the pay range listed for this position is a good faith and reasonable estimate of the range of possible base compensation at the time of posting.
• Travel Requirement
• Up to 10% travel should be expected with this role
• Relocation Assistance:
• This role is not eligible for relocation
• Remote Type:
• This position is a hybrid of office/remote working

Requirements

• Legal Disclaimer:
• If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.

Benefits

Additional Information

Entity: Production & Operations Job Family Group: IT&S Group Job Description: Organization: bpx Energy - Technology/Enterprise Architecture/ Digital Security Role Summary The GRC Platform Owner is responsible for end-to-end ownership and continuous improvement of bpx's Digital Security Governance, Risk, and Compliance (GRC) processes and platforms. This role ensures governance activities are efficient, scalable, and aligned with enterprise policies, while enabling delivery teams to operate within defined guardrails.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at BP? Share your experience