Risks and Controls Advisor

What's The Role
As a Risk and Controls Advisor, you'll be at the heart of Business Integration & Compliance SOM, ensuring information risks are identified, managed, and mitigated to keep our operations secure and compliant. You'll partner with senior stakeholders across Information & Digital Technology (IDT) – including the CISO organization, Finance (GRA), Shell Internal Audit and Investigations (SIAI), and external auditors – while shaping and improving the IT Risk & Compliance landscape for Downstream, Trading, and Renewables (DTR) SOM.

In this role, you'll drive a culture of compliance, embed next-generation CISO solutions, and lead initiatives in Controls Management, Audit Management, and CISO projects. Success requires strong leadership, collaboration across global teams, and the ability to bridge technical, commercial, and cybersecurity disciplines. If you have a solid compliance background and thrive in dynamic environments, this is your opportunity to make a real impact.

What You'll Be Doing

• Support the design and implementation of controls for new projects and operational deployments, ensuring they are accurate and designed 'first time right' before handover.
• Act as a subject matter expert on IT General Controls, including design, execution, and compliance with SOX and other legal or regulatory requirements, focusing on a specific business area within DTR SOM.
• Facilitate the end-to-end internal assurance activities, including second and third lines of defense reviews, working closely with internal teams and external auditors.
• Support the implementation efforts of CISO initiatives such as Issues Management, Risk Acceptances, Risk Management (RMF) and other CISO Special Projects are executed as per agreed plan and timelines.
• Act as a key point of contact for risk and audit teams, ensuring clear communication and alignment across all stakeholders.
• Lead efforts in vulnerability and information management, collaborating with teams to meet annual performance goals.
• Help build and strengthen the capabilities of control owners and operators to maintain consistent risk and control practices across systems and infrastructure.
• Drive continuous improvement through automation, standardization, and process optimization to reduce compliance complexity.
• Embed a proactive approach to compliance in day-to-day operations, continuously enhancing processes and skillsets across the organization.

What You Bring

• 5-8 years of experience in Information Security or Risk Management
• A bachelor's degree in IT or a related field
• Hands-on experience with IT security audits (internal and external), risk management, and implementing and testing information risk management controls
• Strong knowledge of IT security standards, control framework (COBIT), and legal compliance requirements
• Industry-recognized certifications such as ISO 27001, CISM, or CISSP
• Solid understanding of information risk management and its impact on application development, operations, and IT infrastructure
• Ability to assess and balance risk management needs with cost considerations
• Skill in translating technical risk control objectives into clear, business-relevant language for stakeholders
• Excellent verbal and written communication and presentation skills
• Strong interpersonal and negotiation skills, with the ability to engage effectively at all levels of the organization
• Ability to lead through influence rather than formal authority
• Proven ability to thrive in high-performing, inclusive teams that embrace cultural diversity and work across organizational boundaries
• Demonstrated ability to work effectively in a global, complex environment with multiple stakeholders
• Highly motivated, collaborative, and capable of working independently with minimal supervision

What We Offer
You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You'll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You'll be able to balance your priorities as you become the best version of yourself.

• Progress as a person as we work on the energy transition together.
• Continuously grow the transferable skills you need to get ahead.
• Work at the forefront of technology, trends, and practices.
• Collaborate with experienced colleagues with unique expertise.
• Achieve your balance in a value-led culture that encourages you to be the best version of yourself.
• Benefit from flexible working hours, and the possibility of remote/mobile working.
• Perform at your best with a competitive starting salary and annual performance related salary increase – our pay and benefits packages are among the best in the world.
• Take advantage of paid parental leave, including for non-birthing parents.
• Join an organization to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply.
• Grow as you progress through diverse career opportunities in national and
• international teams.
• Gain access to a wide range of training and development programs.

We'd like you to know that Shell has a bold goal: to become one of the world's most diverse and inclusive companies. You can get to know more about how we're working towards that goal, click here.

IMPORTANT NOTE: After you submit your application, you will receive an email providing a link to an online assessment that is a mandatory part of the process. The email will come from HireVue - please check your spam/junk mailbox if you do not see the email. Once completed, your application will be reviewed to determine next steps. Thank you for your interest in Shell.