Entity:
Production & Operations
Job Family Group:
IT&S Group
Job Description:
Organization: bpx Energy - Technology/Enterprise Architecture/Digital Security
Role Summary
The GRC Platform Owner is responsible for end-to-end ownership and continuous improvement of bpx's Digital Security Governance, Risk, and Compliance (GRC) processes and platforms. This role ensures governance activities are efficient, scalable, and aligned with enterprise policies, while enabling delivery teams to operate within defined guardrails.
Key Responsibilities
Platform & Process Ownership
Own and evolve GRC platform ecosystem requirements (ServiceNow / ADO and supporting tools)
Design and maintain standardized GRC processes
Drive automation and simplification
Governance & Decision Authority
Serve as primary decision authority
Define required level of control
Enforce governance policies
Conformance Reporting
Identify conformance reporting requirements and recipients
Deliver conformance reporting, as required
Cross-Functional Leadership
Coordinate across Digital Security, EA, delivery teams, procurement
Guide teams through requirements
Risk Management & Advisory
Coordinate the evaluation of solutions and vendors for risk
Provide risk-informed recommendations
Provide risk-informed approvals for new systems, integrations, and changes
Product & Backlog Ownership
Own GRC backlog and roadmap
Prioritize enhancements
Process Definition & Documentation
Develop and maintain GRC procedures and frameworks
Ensure clarity and accessibility
Performance & Continuous Improvement
Track cycle time and quality metrics
Drive improvements
Qualifications & Experience
GRC in combinedIT and OTenvironments
Analytics,metricsand processdevelopment
Technology management
Bachelor's degree in an engineering or technical field
Hands-on experience with at least one major GRC platform (Archer, ServiceNow, OneTrust)
Demonstrated ability to lead cross-functional initiatives
Strong analytical and communication skills
Key Competencies
Process Ownership & Optimization
Governance & Risk Management
Purdue model technology risk analysis
Cross-Functional Leadership
Product / Platform Thinking
Decision-Making & Accountability
AI Governance and Risk Assessment
Oil and Gas Industry GRC Experience
Role Positioning
This role transitions GRC from execution-focused analysis to ownership of the Digital Security GRC capability, including defining processes, owning platforms, and driving scalability and consistency. The role is also critical in the higher-level Technology GRC program as a key support and leadership role for Enterprise Architecture governance
It will lead 1 to 2 dedicated offshore support resources to grow the platform from its current state (heavily focused on risk assessments) to a mature state with full policy and compliance program documentation review and publishing.
It will coordinate with Digital Security Engineering for technical cyber security system review and risk assessment, and with Digital Security Data Governance for information protection assurance.
Salary and Benefits
We offer a reward and wellbeing package to enable your work to fit with your life. These can include, but not limited to, access to health, vision and dental insurance, flexible working schedule, paid time off policy, discretionary annual bonus program, long-term incentive program, and a generous 401K matching program.?How much do we pay (Base)? $140,000- $180,000
*Note that the pay range listed for this position is a good faith and reasonable estimate of the range of possible base compensation at the time of posting.
Travel Requirement
Up to 10% travel should be expected with this role
Relocation Assistance:
This role is not eligible for relocation
Remote Type:
This position is a hybrid of office/remote working
Skills:
Legal Disclaimer:
We are an equal opportunity employer. We do not discriminate on the basis of protected characteristics like race, religion, color, sex, national origin, sexual orientation, veteran status or disability status. Individuals with an accessibility need may request an adjustment/accommodation related to bp's recruiting process (e.g., accessing the job application, completing required assessments, participating in telephone screenings or interviews, etc.). If you would like to request an adjustment/accommodation related to the recruitment process, please contact us .
If you are selected for a position and depending upon your role, your employment may be contingent upon adherence to local policy. This may include pre-placement drug screening, medical review of physical fitness for the role, and background checks.