Senior Risk and Controls Advisor - Houston TX

Profile

110920BR

Job Title:

Senior Risk and Controls Advisor - Houston, TX

No. of Positions:

2

Job Description:

This is a responsible and rewarding role – as well as helping assess Information Risk across Shell, you’ll help to educate the wider business on how they can work safely and securely from an IT perspective.

You’ll be part of our Global IRM team who works together to address Information Risks, effectively and efficiently, upholding our reputation as an industry leader amongst our peers and key security service suppliers.

Broadly, our role is to define how risk is assessed and controls applied. That includes communicating preventative measures to the business and identifying threats and vulnerabilities via our Cyber Resilience function. We deal with potential business impacts worth billions of dollars: HSSE impacts, production loss, financial and maintenance operations loss, loss of most confidential bidding data.

You’ll be the face of IRM, working with Project Managers, Business Analysts, Architecture and the Support Team to educate teams on risk and help them to make risk-aware decisions regarding confidentiality, integrity, availability, and legal & regulatory. You’ll need to understand the technology landscape and proactively review Shell’s information security and related risks, threats and vulnerabilities.

It’s about making sure the right security controls are in place and tested. You’ll be trusted to ensure that projects that originate from different global locations are risk assessed and reviewed for information security. You’ll also take care of end-to-end security assessments on vendor offerings and carry out VAPT tests and make recommendations based on the results. All in all, it’s a broad-ranging, responsible role.

We’re keen to hear from proactive men and women who have natural communication and influencing skills – you’re someone who enjoys cultivating partnerships with stakeholders and cutting through complex IT issues with clear business language. Add to that problem-solving flair and enthusiasm for learning new technologies, and we’d love to hear from you.

Auto req ID:

110920BR

Skillpool:

Information Technology

Country of Work Location:

United States

Company Description:

Shell is a global group of energy and petrochemical companies with about 84,000 employees across more than 70 countries. We aim to meet the world’s growing need for more and cleaner energy solutions in ways that are economically, environmentally and socially responsible. We have expertise in exploration, production, refining and marketing of oil and natural gas, and the manufacturing and marketing of chemicals.

As a global energy company operating in a challenging world, we set high standards of performance and ethical behaviors. We are judged by how we act and how we live up to our core values of honesty, integrity and respect for people. Our Business Principles are based on these. They promote trust, openness, teamwork and professionalism, as well as pride in what we do and how we conduct business.

Building on our core values, we aspire to sustain a diverse and inclusive culture where everyone feels respected and valued, from our employees to our customers and partners. A diverse workforce and an inclusive work environment are vital to our success, leading to greater innovation and better energy solutions.

Disclaimer:

Please note: We occasionally amend or withdraw Shell jobs and reserve the right to do so at any time, including prior to the advertised closing date.

Before applying, you are advised to read our data protection policy. This policy describes the processing that may be associated with your personal data and informs you that your personal data may be transferred to Royal Dutch/Shell Group companies around the world.

The Shell Group and its approved recruitment consultants will never ask you for a fee to process or consider your application for a career with Shell. Anyone who demands such a fee is not an authorised Shell representative and you are strongly advised to refuse any such demand.

Shell participates in E-Verify.

All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, age, religion, disability, sexual orientation, gender identity, protected veteran status, citizenship, genetic information or other protected status under federal, state or local laws.

Shell is an Equal Opportunity Employer - Minorities/Females/Veterans/Disability.

Work Location:

Houston

Requirements:

Legal right to work in the United States without sponsorship.

Minimum 5 years of experience in an (Information) Risk and Control Advisory role coupled with a qualification in CISSP, CISA, CRISC or CISM and substantial experience with internal and external IT security standards, SOX, PCI, SOC2/1, ISO27001 standards and relevant legal compliance aspects. Technical knowledge & relevant experience in security domains /technologies related to:

Infrastructure/Network security;

Identity and Access Management;

Business Impact Assessment;

Application security;

Data Leakage Prevention;

End-Point Protection;

Web filtering technologies, Proxies and firewalls;

Cloud security;

Knowledge of Data Security Standards: PCI DSS, Privacy Principles;

Driving Platform / Application security and compliance.

Understand Technology Landscape (Application and Infrastructure) and proactively review Shell’s information security and related risks with regards to threats and vulnerabilities, legal and regulatory compliance;

Facilitate smooth conduct of Risk Assessment (including Legal & Regulatory) on Applications, Network& Systems;

Perform end to end Security Assessment on vendor offerings – New/Leveraging existing (SAAS / PAAS/IAAS) services including integration with Shell environment;

Translate Technical, legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provides the respective stakeholders with the IRM requirements and its implementation methodologies;

Collaborate with Controls Testing Team and ensure all the controls outlined for an application/Infrastructure are designed effectively;

Coordinate in conducting VAPT (Vulnerability Assessment and Penetration Test), Review VA-PT results and recommend the risks to be remediated;

Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Shell IRM standards are being;

Ensure all the risks are documented, classified and addressed with appropriate action as per the IRM standards;

Active participation in driving education and awareness of Information security related issues and risks to Business/Business IT Teams;

Support in development of tooling to support IRM processes and ensuring this is fit for purpose;

Actively participate in reviewing and improving the Information Security Controls implemented in the organization;

Active participation in the Assurance and Architecture level discussions in the engagements;

Actively participate in IRM team and community meetings, representing IRM and Business interests in applying setting standards and policies for the Group and the businesses, leading to a fit for purpose, evergreen IRM framework;

Support during Internal /External Audit;

Ensure that IRM continues to focus on risks significant to the Business, with emphasis on innovation.

City, State (if applicable):

Houston, TX

Company info

Shell .
Website : https://www.shell.com