Irm Compliance and Assurance Advisor

**The Role**:
The role is critical in ensuring that IT risk to Shell is reduced to an acceptable level and managed effectively. This is achieved by delivering quality compliance assurance that controls have been executed correctly, in line with actual control descriptions, and are ready for testing by the various testing/auditing bodies, while maintaining that correct key controls are in place to address core risk areas.

You will be responsible for providing on a day-to-day basis operational assurance on IT controls management to:

- Execution / implementation
- Findings and Remediation of findings
- Liaising with Offshore Controls testers
- Liaising with Managed Service Provider/Third Party Provider
- Liaising with Shell external auditors
- Focal point for Shell internal auditors
- Liaise with Central Information Risk Management (cIRM) - Compliance Monitoring Office (CMO) team with regards to Offshore Testing schedules
- Track and ensure control execution is on schedule with timely completion, escalate to SOM Manager and Sr Compliance and Assurance Manager, when necessary.
- Support Management Tester (Offshore Testing (OST)) and Auditors (External & Shell Internal) in coordinating evidence gathering, performing Quality Assurance (QA) check before submitting evidence for operational effectiveness.
- Perform risk impact analysis, propose and drive remediation plans for any control failures.
- Update Compliance Specialist Dashboard with control statuses, portfolio milestone planning, manage resource (when necessary), Management reporting.
- Act as Subject Matter Expert (SME) on Information Risk Management (IRM) compliance and control-related matters.
- Provides advice to management on ways of improving the effectiveness and efficiency of controls.
- Highlight to Services and Operations Management (SOM) Manager, Operations Lead Managers (OLMs) and Sr Compliance & Assurance Manager and potential Audit or Management Testing findings.
- Co-ordinate the integration between the Information Risk Management (IRM) function, Risk Specialist, and ERP SOM Operations on controls e.g. IT Controls Framework alignment, Risk Assessments.
- Co-ordinate the integration between the SOM Process team and Operations team on process improvements.
- Assist with Transition to Support control activities such as controls design testing.
- Liaise with Managed Service Provider/Vendor on Information Risk Management (IRM) compliance and control-related matters.
- Coach and provide trainings, where necessary.

**Dimensions and Special Challenges**
- No direct reports
- Virtual working in a global environment with culturally diverse teams
- Managing multiple delivery priorities and multiple demand requests
- Working with multiple stakeholders in various organizations
- Risks - License to Operate, Global reputation, $100's of millions at risk
- Failure within these systems could have effects on Shell's reputation and ability to participate in these markets and fines would be very substantial
- If this job is not done well and accurately, any/all of the repercussions above could occur.

**Requirements**:
**Qualifications and Skills**

Mandatory (if there are shift work requirements, please place a statement with this requirement in this section. Split of skills in Mandatory and Preferred is required)
- Minimal 5 years of experience in compliance
- Sound understanding of ITIL processes
- Proven experience and record of results in IT Governance, Risk and/or Assurance role or domain in the last 5 years.
- Proven experience in a business transformation and/or organisation change management programme or project, where a lead position was held.
- Experience of SOX and Information Security policies and procedures
- Ability to champion continuous improvement changes and addresses any issues that might prevent those changes from being successful.
- Relationship management skills with key business/IT stakeholders whilst still being able to constructively challenge.
- Ability to work with teams across organizational boundaries, different cultures and different time zones in a global, virtual environment.
- Proven record of delivering against stretch targets
- Team player, works effectively with all levels in organization (business & IT)
- Track record of leading, coaching and developing others
- Self-starter with Good analysis and problem-solving skills
- Strong stakeholder, interpersonal relationship, and negotiation skills
- Strong communication skills and Ability to drive meetings with senior stakeholders and influence outcomes

**Preferred**
- Affiliated with or a professional member of the ISACA bodies.
- Self-starter with excellent analysis and problem-solving skills.
- Ability to drive change.
- Advantages with COBIT, ISO, ITIL and Other related Compliance & Security certifications.
**Disclaimer