Sorry, this job is no longer available.


Risk & Control Advisor UPT UP IG RES

The IRM (Information Risk Management) role is to ensure that Shell addresses Information Risks in an effective and efficient manner, commensurate with Shell risk appetite. Within IRM, the Risk Advisory team provides advisory and assurance to key projects and new technologies supporting PTUPIGNE capability.
Where you fit in
The PTUPIGNE Common Functions risk advisory team is part of the IRM Risk Advisory team, which covers advisory and assurance support for new projects, new technologies as well as the advice and assurance for operational services and capabilities, in an ever-changing environment with technical as well as regulatory requirements, in a fast-changing business dynamic.
The overall team's aim is to balance risk vs costs, and provide expert advice supporting secure, reliable and compliant services, with specific focus on the business portfolio needs for the common, centrally supported, functions in the combined IT line of business for PTUPIGNE.
The role requires a clear understanding of Shell's strategic intent for Market Standard, the ability to develop new capabilities within the team, and the ability to provide the needed advisory to LOD1 (IT Engineering, ITSO, ITM and other stakeholders).
The purpose of this position is to:
Be a 'trusted advisor' providing risk advisory on IT projects and new technologies associated with Enterprise platforms and capabilities.
Define security policies, processes, guidelines related to new technologies, solutions, standards and regulations and advise on implementation requirements.
Review and provide assurance on risk identification and mitigations.
Improve and contribute to risk and control requirements and associated policies and guidance.
Provide guidance and training in risk management processes to various stakeholders (Business, operations/LoD1, PMs, etc.).
Accountabilities of the role include:
Provide assurance on control objectives and requirements and associated policies and guidance.
Facilitates risk assessment process.
Provides SME support to risk response and risk acceptance in line with framework boundaries.
Review and advise on information security risks of vendor offerings - new or leveraging existing (SaaS/PaaS/IaaS) services, including integration with the Shell environment.
Translate technical, legal and regulatory compliance obligations into a cohesive collection of security controls. Provide respective stakeholders with the IRM requirements and their implementation methodologies.
Work with Project Managers, Business Analysts, Architecture and Support Team to ensure Shell IRM standards are being followed.
Ensure all the controls outlined for an application/Infrastructure are designed effectively.
Ensure all the risks are documented, classified and addressed with appropriate action as per the IRM standards.
Drive education and awareness of Information security related issues and risks to Business/Business IT Teams.
Actively participate in reviewing and improving the Information Security Controls implemented in the organization.
The dimension of the role includes:
Working on Enterprise-wide, critical, projects for ITSO organization.
Works closely with LOD1 teams on risk assessment advisory and assurance.
SME covering security, risk as well as compliance aspects supporting Project Delivery staff/Business / Business IT teams.
Support in risk assurance and audits as risk SME.
Key Hard Skills Required:
At minimum 5+ years in IRM function, preferably aligned with control framework best practices and risk management.
Understand security standards, frameworks and regulations like ISO 27001, NIST, PCI etc.
Ability to challenge/question the responses provided for the finding's treatment plan provided by the business.
Ability to identify, articulate and drive the project/application related findings to closure.
Understand the technology risk landscape and interpret the findings into a business understandable language.
Understanding of specific governance and overall processes of the Shell Group.
Good understanding and experience of Audit (both internal and external) and Risk management.
The ability to network globally across Group businesses, as well as with external groups.
Advocate one IRM community.
Key Soft Skills Required:
Display excellent communication and stakeholder management skills.
Be proactive and self-motivated.
Display analytical and problem-solving skills.
'Reskilling Opportunity - Candidates who do not yet have all prerequisite skills as described in this job description can apply for this role and may be considered on the basis that they have relevant adjacent skills and will complete a reskilling programme to acquire the prerequisite skills.'
Bangalore, KA, IN