What's The Role
As part of Shell's Enterprise Risk Services (ERS) team supporting Digital Platforms, this role plays a critical part in embedding secure development practices and strengthening risk and control capabilities across our technology landscape. The successful candidate will bring a blend of GRC (Governance, Risk & Compliance) knowledge with Application Security (AppSec) expertise, product development experience, to help drive Shell's digital resilience. This role supports the CISO's Vision 2030 ambitions Be Competitive, Be Inspired, and Be Resilientand contributes to our purpose: Protect today, Secure tomorrow.
What You'll Be Doing
- Support alignment with Shell's GRC frameworks, policies, and control standards across digital platforms.
- Partner with development teams to remediate security findings, help build and promote secure software architecture and design patterns.
- Contribute to DevSecOps enablement through automation of security controls and integration into Continuous Delivery Pipeline.
- Pull request reviews and issue triage with a strong emphasis on secure coding standards, code quality, and effective risk mitigation.
- Support GitOps-based deployment workflows, integrating security tool insights and audit findings to improve system integrity and compliance.
- Champion security awareness and continuous improvement across Agile and engineering communities.
What You Bring
Mandatory
- Bachelor's in Information Technology or related degree with minimum 9 years relevant experience in Governance, Risk & Compliance (GRC).
- Proficient in GRC with a balanced risk-opportunity mindset and strong security focus, driving decisions aligned with strategic priorities, impact and cost.
- Familiarity with industry standards and regulatory requirements like NIST, GDPR.
- Strong knowledge of security vulnerabilities and secure coding frameworks, including OWASP Top 10, OWASP ASVS and MITRE ATT&CK.
- Skilled in securing the software supply chain and integrating security workflows, with experience in GitOps practices and tools like Apiiro, Dependabot.
- Skilled in threat modeling across cloud platforms such as AWS, Azure, as well as container orchestration platforms like Kubernetes.
- Experience in application development with proficiency in Shell scripting, Python, and other programming languages, leveraging automation to secure complex systems.
- Effective collaboration in Agile Release Train (ART) environments with strong business focused communication and stakeholder engagement skills.
Preferred
- Experience in leading IT/OT convergence initiatives to enable secure and integrated operations.
- Proficient in enhancing secure operations and engineering efficiency across distributed systems through developer experience platforms that reduce cognitive load, like Backstage, Cortex.
- Certifications such as AWS Certified DevOps Engineer, Azure DevOps Engineer, CKS, CSSLP and SAFe DevOps Practitioner.
What We Offer
You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You'll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You'll be able to balance your priorities as you become the best version of yourself.
- Progress as a person as we work on the energy transition together.
- Continuously grow the transferable skills you need to get ahead.
- Work at the forefront of technology, trends, and practices.
- Collaborate with experienced colleagues with unique expertise.
- Achieve your balance in a value-led culture that encourages you to be the best version of yourself.
- Benefit from flexible working hours, and the possibility of remote/mobile working.
- Perform at your best with a competitive starting salary and annual performance related salary increase our pay and benefits packages are among the best in the world.
- Take advantage of paid parental leave, including for non-birthing parents.
- Join an organization to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply.
- Grow as you progress through diverse career opportunities in national and international teams.
- Gain access to a wide range of training and development programs.
We'd like you to know that Shell has a bold goal: to become one of the world's most diverse and inclusive companies. You can get to know more about how we're working towards that goal, click here.
IMPORTANT NOTE: After you submit your application, you will receive an email providing a link to an online assessment that is a mandatory part of the process. The email will come from HireVue - please check your spam/junk mailbox if you do not see the email. Once completed, your application will be reviewed to determine next steps. Thank you for your interest in Shell. 
