DevOps Engineer IAS

What's The Role

Enterprise Technology (ET) is responsible for planning, delivering and managing secure and reliable operations of all common Enterprise Services. Within ET, the Identity Access & Security (IAS) pillar is responsible for services such as Identity and account management, Single Sign on, authentication and authorization services to Shell users, business partners and Shell clients. Within this IAS Pillar the Identity & tools team is responsible for managing Identity Management Service, ID Provider, Active Directory (AD), AD related tools, Account Governance and Crypto and Security (PKI) services such as our Certificate Management Services (CMS), Enterprise Key Management (EKMS), and Universal Smartcard Management Service (UCMS)

We're currently looking for a seasoned DevOps engineer Crypto and security services to play a pivotal role in Shell's IDSO Enterprise Services organization. The IAS DevOps Engineer supports the development and daily operations of Shell's Crypto and Security / Public Key Infrastructure (PKI) services. This role involves supporting the design and development and/or selection, deployment, and lifecycle management of our Crypto and Security (PKI) services to ensure the integrity and security of Shell's business, IT assets and communications

• Complexity and Criticality: the Crypto and Security (PKI) services are highly complex and business critical services
• Level of Change: High pace of change due to modernization of the IT landscape.
  
  

Stakeholders include ET, IAS and other ET Pillars, Business, IAS Domain Natural Teams such project delivery, IAS Architecture, CISO (IRM), Finance and Contracting & Procurement.

What You'll Be Doing

• Support on-going Operations for incident resolution, document solutions to known errors to expedite resolution of incidents and perform root cause analysis to minimize reoccurrence.
• Work on projects to support Go-Live of new features, new hardware, new processes etc. This includes analyzing and understanding business functional and non-functional requirements, as well as assessing implications for the PKI landscape
• Drive efficiencies in systems and processes: capacity planning, performance tuning, monitoring etc
• Ensure the integrity of the application and infrastructure landscape
• Support architectural discussion on roadmap for our key Crypto and Security (PKI) services
• Work with the Domain Natural team, Service Owners, Architects to improve product features, process flow reliability and security (e.g. perform reviews the landscapes for enhancement and continuous improvement opportunities).
  
  

What You Bring

It's your personal skills, business communication skills, experience in Identity Access Management (IAM), IT DevOps and IT Security that will make all the difference in this role.

To be effective in this role you at minimum need to have:

• Minimum Education or Certification: 4-year Degree related to IT
• Minimum 5 years of IT experience in IAM space including relevant expertise and a proven track record in PKI/ Certificate Management Services (CMS)
• Experience in designing PKI roadmap, standards with enterprise security strategy
• Proven experience in designing, implementing, and managing operations of PKI infrastructure and CMS services in an enterprise environment.
• Strong knowledge of PKI principles, digital certificates, encryption algorithms, and cryptographic protocols (e.g., SSL/TLS).
• Hands-on experience with Microsoft ADCS, Certificate providers such as DigiCert, registration Authorities and Hardware Security Modules (HSM)
• Hands-on knowledge of certificate management solutions, with experience working with AppViewX software.
• Experience and expertise in template creation and management processes, with the ability to implement best security practices to streamline access.
• Experience planning crypto-agility and algorithm transition strategies
• Must have strong knowledge of code signing certificates, Verified Mark Certificates (VMC), interception certificates, and various use cases to manage and operate seamlessly.
• Experience in applications support and support processes, specifically ITIL with expertise in Change/release management, vulnerability management, disaster and enterprise recovery scenarios
• Knowledge of and/or experience with managing complicated IT landscapes, including multi-tier architectures, application security, monitoring & storage systems and a clear understanding of application integration with security protocols that adhere to a rigorous IT security baseline.
• Knowledge of and/or experience with Supplier and Vendor Contract Management including Service Level Agreements, Statements of Work,
• Drive implementation of continuous improvement to improve efficiency e.g. automate certificate workflows, improve CMS processes, policies to enhance service delivery
  
  

On top of that we are looking for someone with

• Strong relationship and influencing skills to work with multiple (senior) stakeholders across organizational and business boundaries at all levels, incl. suppliers. You'll need to be a proactive problem-solver and strong communicator as you'll need to communicate with a wide range of stakeholders in IT and business. Same applies when it comes to providing guidance and coaching to internal team/supplier/vendor. You are comfortable working in a global setting, with cross cultural team, working in different time zones
• Self-starter with a can do mentality, strong analytical, problem solving and coordination skills proactive, thinking in solutions and delivering results. Work independently under broad managerial supervision. Deliver the work as assigned, applying documented procedures, frameworks. Guidance provided for those tasks where there are limited precedents available.
  
  

Ideally you also have:

• Experience with IT project management, coordination, or participation (including AGILE & DEVOPS methodologies) throughout the Development, Test, Staging and Post-Production phases as well as knowledge of and/or experience with Operational Readiness for new demand, changes and projects impacting the portfolio and providing sign off with Agreement to Deploy and Agreement to Operate as key milestones.
• Knowledge of IAM (Identity and Access Management) principles or working experience
• Experience with other Crypto and Security (PKI) platform and systems from other vendor such as Fortanix, Axiad, Entrust, Thales, Versasec, etc.
  
  

What We Offer

You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You'll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You'll be able to balance your priorities as you become the best version of yourself.

• Progress as a person as we work on the energy transition together.
• Continuously grow the transferable skills you need to get ahead.
• Work at the forefront of technology, trends, and practices.
• Collaborate with experienced colleagues with unique expertise.
• Achieve your balance in a value-led culture that encourages you to be the best version of yourself.
• Benefit from flexible working hours, and the possibility of remote/mobile working.
• Perform at your best with a competitive starting salary and annual performance related salary increase our pay and benefits packages are among the best in the world.
• Take advantage of paid parental leave, including for non-birthing parents.
• Join an organization to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply.
• Grow as you progress through diverse career opportunities in national and international teams.
• Gain access to a wide range of training and development programs.
  
  

We'd like you to know that Shell has a bold goal: to become one of the world's most diverse and inclusive companies. You can get to know more about how we're working towards that goal, click here.

IMPORTANT NOTE: After you submit your application, you will receive an email providing a link to an online assessment that is a mandatory part of the process. The email will come from HireVue - please check your spam/junk mailbox if you do not see the email. Once completed, your application will be reviewed to determine next steps. Thank you for your interest in Shell.