IRM Compliance and Assurance Advisor - Bengaluru, India - Shell

Shell
Bengaluru, India

1 week ago

Posted by: Deepika Kaur, beBee Recruiter


Description

The Role:


Where you fit in?

What's the Role?


The role is critical in ensuring that IT risk to Shell is reduced to an acceptable level and managed effectively.

This is achieved by delivering quality compliance assurance that controls have been executed correctly, in line with actual control descriptions, and are ready for testing by the various testing/auditing bodies, while maintaining that correct key controls are in place to address core risk areas.

You will be responsible for providing on a day-to-day basis operational assurance on IT controls management and risk management to:

  • Control Execution within GF SOM portfolio
  • Findings and Remediation of findings
  • Liaising with FO-IRM Controls testers
  • Liaising with Managed Service Provider/Third Party Provider (if any)
  • Liaising with Shell External Auditors
  • Focal point for Shell Internal Auditors

Accountabilities

  • Liaise with the Central Information Risk Management (cIRM) Compliance Monitoring Office (CMO) team with regard to FO-IRM testing schedules.
  • Track compliance monitoring and ensure control execution is on schedule with timely completion; remediate any deficiency and escalate to the SOM Manager and Lead/Senior Compliance Specialist.
  • Support the Management Tester (FO-IRM Tester) and Auditors (External & Shell Internal) in coordinating evidence gathering, performing Quality Assurance (QA) checks before submitting evidence for operational effectiveness.
  • Perform risk impact analysis, and propose and drive remediation plans for any control failures/deficiencies.
  • Present the Compliance Dashboard with control statuses, plan portfolio milestones, manage resources (when necessary), and take charge of management reporting for own portfolio.
  • Act as Subject Matter Expert (SME) on Information Risk Management (IRM) compliance and control-related matters.
  • Provide consultation to management on ways of improving the effectiveness and efficiency of controls.
  • Highlight to Services and Operations Management (SOM) Manager, Operations Lead Managers (OLMs) and Lead Compliance Specialist any potential Audit or Management Testing findings.
  • Coordinate the integration between the Information Risk Management (IRM) function, Risk Specialist and GF SOM Operations on controls e.g. IT Controls Framework alignment, Risk Assessments.
  • Coordinate the integration between the SOM Process team and Operations team on process improvements.
  • Assist with Transition to Support control activities such as controls design testing.
  • Liaise with Managed Service Provider/Vendor on Information Risk Management (IRM) compliance and control-related matters.
  • Coach and provide training to the support team to strengthen the security and compliance culture, where necessary.

What we need from you?

Qualifications and Skills Mandatory

  • Degree holder with relevant experience preferably in IT Application Development & Support / Project Management
  • Minimum 5-8 years IT experience and 3 years IT audit or risk management experience in control assurance, information systems / security audits and compliance audits
  • Experience with Sarbanes-Oxley (SOx) Compliance, Financial Control Manual (FCM), Information Security Controls, policies and procedures (e.g. ISO27000/ISO27001, Data Privacy Act (HIPAA), SAS 70/SSAE 16, etc.)
  • Self-starter with good analytical ability, attention to detail and problem-solving skills
  • Ability to work independently with minimum supervision
  • Ability and desire to drive efficiency and seek Continual Improvement across the role
  • Highly conversant in English, spoken and written, with proven communication
  • Strong stakeholder management, interpersonal relationship, communication and negotiation skills.
  • Proven ability to deliver results in a virtual cross-cultural organization and to drive delivery excellence through influence and team working
  • Understanding of business support requirements

Dimensions and Special Challenges

  • No direct report
  • May have indirect report e.g. Managed Services from vendor organization
  • This position reports directly to the Compliance, Security Manager
  • Virtual working in a global environment with culturally diverse teams.
  • Managing multiple delivery priorities and multiple demand requests. Working with multiple stakeholders in various organizations.
  • Compliance assurance to sustain Shell License to Operate and Shell global reputation
  • Failure within these systems could have effects on Shell's reputation and ability to participate in these markets and fines would be very substantial


Preferred

  • CISA/CISM/CRISC/CISSP certification or other related Compliance certifications.
  • Strong awareness of the evolving threat landscape, main vulnerabilities and other weaknesses that our IT solutions need to avoid
  • Actual understanding of the IT business environment will be considered as advantageous.

COMPANY DESCRIPTION

An innovative place to work
There's never been a more exciting
