Irm Compliance and Assurance Advisor

**The Role**:
**Where you fit in**

Shell began operations in India more than 80 years ago. At Shell India, we invest in our people through our industry-leading development programmers, which see our employees thrive and gain access to experts on a local and global level. To date, we have invested more than US$ 1 billion already in India’s energy sector alone, in socially and environmentally responsible ways. Shell is the only global major to have a fuel retail license in India. Shell aims to establish a new IT hub in Bangalore, and scale it up over a five-year period.

**What’s the role**
- Your further responsibilities will include: The Information Risk Management Compliance and Assurance Advisor are horizontal within this team taking care of the Information Risk, Compliance and Assurance activities.

Accountabilities:

- Shape and drive a comprehensive embedded approach towards control self-assessment Business As usual activities across the unit. The key focus areas would be
- IT General Controls Monitoring
- SOX, FCM, BC
- Externally Facing Application controls, Production and Non-Production Environment controls
- Finding Management (Closure)
- Act as “LOD-1” and demonstrate that “Management in Control” has ownership, responsibility, and accountabilities for mitigating risks.
- Face off with LOD-2 and LOD-3 “Audits (both external and internal)”.
- Ensure the IRM activities like Controls execution, management testing for BAU, Risk Management, Audit Management and Vulnerability Management are executed as per the agreed plan and timelines
- Drive Continuous Improvement through various levers like automation, standardization, & rationalization of IRM LOD1 activities thereby reducing the compliance burden
- Support Internal and external audits, perform pre-audit health checks and monitor effective Internal Actions close out.
- Evaluate SOC II reports for sufficiency and drives risk mitigation for open risks
- Ensure appropriate and sufficient IT general controls are in place and operated effectively
- Understand Technology Landscape (Application and Infrastructure) and proactively review in-scope landscape for risks writ threats and vulnerabilities, legal and regulatory compliance
- Perform Security Assessment on vendor offerings - New/Leveraging existing (SAAS / PAAS/IAAS) services
- Strong interpersonal, communication, teamwork and negotiating skills.
- Be the primary interface with many different groups within and outside of Information Risk Management, and network globally across Group businesses and with external groups.
- Influence and deliver across organizational boundaries.

**What we need from you**
- At least 5-8 years overall experience
- With 4-7 years of experience in Information Risk Management.
- Bachelor's degree graduate
- Demonstrated understanding and experience with IT security audits (both internal and external), Risk management, and Information Risk Management control selection, implementation, and testing.
- Advanced understanding of the internal and external IT security standards, and relevant legal compliance aspects.
- The ability to assess and balance Information Risk Management needs and standards considering risk and cost.
- Ability to translate risk control objectives into meaningful business risk language for service controls owners
- Technical awareness across most supported infrastructure platforms (Windows, Linux, clusters, virtual workspace, PCD, Cloud).
- Excellent verbal and written presentation skills.
- Ability to work in a global, complex environment with multiple stakeholders.
- You must be highly motivated with good communication skills proven ability to work within a team environmentthe and ability to work unsupervised.
- Understanding of IT Service Delivery in a multinational company to deliver IT services via multiple Working Companies to multiple Operating Business Companies receiving the services.
- Strong relationship skills to work with multiple stakeholders across organizational and business boundaries at all levels
- Relevant experience preferably in Application Development & Support / Project Management.
- Good understanding of Project Delivery Framework.
- Ability to promote, participate in and/or lead high-performance teams working with inclusiveness, and cultural diversity and crossing organizational boundaries.

COMPANY DESCRIPTION

Shell is a global energy company where we work towards powering progress through more and cleaner energy solutions. We use advanced technologies and take an innovative approach to help build a sustainable energy future. In India Shell has its business footprint in Information Technology, Projects & Technology, Finance Operations, Integrated Gas, Downstream & Upstream spread across more than 7 main locations.

An innovative place to work

Join us and you’ll be adding your talent and imagination to a business with the ambition to shape the future - whether by investing in renewables, exploring new ways to st