Shell Senior Risk and Controls Advisor - Houston, TX in Houston, Texas
Senior Risk and Controls Advisor - Houston, TX
Where you fit
You’ll be part of our Global Information Risk Management (IRM) team, which works together to address Information Risks effectively and efficiently, upholding our reputation as an industry leader amongst our peers and key security service suppliers.
What’s the role?
The role is to define how risk is assessed and controls applied. That includes communicating preventative measures to the business and identifying threats and vulnerabilities via our Cyber Resilience function. We deal with potential business impacts worth billions of dollars: HSSE impacts, production loss, financial and maintenance operations loss, and loss of the most confidential bidding data.
Act as an Information Risk and Compliance Advisor.
Understand Technology Landscape (Application and Infrastructure) and proactively review Shell’s information security and related risks with regards to threats and vulnerabilities, legal and regulatory compliance.
Facilitate smooth conduct of Risk Assessment (including Legal & Regulatory) on Applications, Network & Systems.
Perform end-to-end Security Assessment on vendor offerings – New/Leveraging existing (SaaS/PaaS/IaaS) services including integration with Shell environment.
Translate Technical, Legal and Regulatory Compliance obligations into a cohesive collection of Security Controls and provide the respective stakeholders with the IRM requirements and their implementation methodologies.
Collaborate with Controls Testing Team and ensure all the controls outlined for an application/Infrastructure are designed effectively.
Coordinate in conducting VAPT (Vulnerability Assessment and Penetration Test), review VAPT results and recommend the risks to be remediated.
Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Shell IRM standards are being.
Ensure all the risks are documented, classified and addressed with appropriate action as per the IRM standards.
Active participation in driving education and awareness of Information security related issues and risks to Business/Business IT Teams.
Support the development of tooling for IRM processes and ensure it is fit for purpose.
Actively participate in reviewing and improving the Information Security Controls implemented in the organization.
Active participation in the Assurance and Architecture level discussions in the engagements.
Actively participate in IRM team and community meetings, representing IRM and Business interests in applying and setting standards and policies for the Group and the businesses, leading to a fit-for-purpose, evergreen IRM framework.
Support during Internal /External Audit.
Ensure that IRM continues to focus on risks significant to the Business, with emphasis on innovation.
Shell is a global group of energy and petrochemical companies with about 84,000 employees across more than 70 countries. We aim to meet the world’s growing need for more and cleaner energy solutions in ways that are economically, environmentally and socially responsible. We have expertise in exploration, production, refining and marketing of oil and natural gas, and the manufacturing and marketing of chemicals.
As a global energy company operating in a challenging world, we set high standards of performance and ethical behaviors. We are judged by how we act and how we live up to our core values of honesty, integrity and respect for people. Our Business Principles are based on these. They promote trust, openness, teamwork and professionalism, as well as pride in what we do and how we conduct business.
Building on our core values, we aspire to sustain a diverse and inclusive culture where everyone feels respected and valued, from our employees to our customers and partners. A diverse workforce and an inclusive work environment are vital to our success, leading to greater innovation and better energy solutions.
An innovative place to work
There’s never been a more exciting time to work at Shell. Everyone here is helping solve one of the biggest challenges facing the world today: bringing the benefits of energy to everyone on the planet, whilst managing the risks of climate change.
Join us and you’ll add your talent and imagination to a business with the power to shape the future – whether by investing in renewables, exploring new ways to store energy or developing technology that helps the world to use energy more efficiently.
A rewarding place to work
Combine our creative, collaborative environment and global operations with an impressive range of benefits and joining Shell becomes an inspired career choice.
We’re huge advocates for career development. We’ll encourage you to try new roles and experience new settings. By pushing people to reach their potential, we frequently help them find skills they never knew they had, or make career moves they never thought possible.
Please note: We occasionally amend or withdraw Shell jobs and reserve the right to do so at any time, including prior to the advertised closing date.
Before applying, you are advised to read our data protection policy. This policy describes the processing that may be associated with your personal data and informs you that your personal data may be transferred to Royal Dutch/Shell Group companies around the world.
The Shell Group and its approved recruitment consultants will never ask you for a fee to process or consider your application for a career with Shell. Anyone who demands such a fee is not an authorised Shell representative and you are strongly advised to refuse any such demand.
Shell participates in E-Verify.
All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, age, religion, disability, sexual orientation, gender identity, protected veteran status, citizenship, genetic information or other protected status under federal, state or local laws.
Shell is an Equal Opportunity Employer - Minorities/Females/Veterans/Disability.
What we need from you
Must have legal authorization to work in the US on a full-time basis for anyone other than current employer.
Bachelor's Degree required
Minimum 5 years of experience in an (Information) Risk and Control Advisory role coupled with a qualification in CISSP, CISA, CRISC or CISM and substantial experience with internal and external IT security standards, SOX, PCI, SOC2/1, ISO27001 standards and relevant legal compliance aspects.
Technical knowledge & relevant experience in security domains/technologies related to:
Identity and Access Management.
Business Impact Assessment.
Data Leakage Prevention.
Web filtering technologies, Proxies and firewalls.
Knowledge of Data Security Standards: PCI DSS, Privacy Principles.
Driving Platform / Application security and compliance.