Sr. Risk and Controls Advisor

What's The Role

As a Senior Risk and Controls Advisor within Business Integration & Compliance SOM, you will ensure that all information risks are identified, managed, and mitigated supporting a strong Management in Control environment. This role partners with senior stakeholders across IT organization, including Cyber & Information Security Office (CISO), Governance, Risk, and Assurance (GRA) in Finance, Shell Internal Audit & Investigations (SIAI), and external auditors, while continuously improving the IT Risk & Compliance framework for Downstream and Renewables team.

You will work closely with operations team, Business Information Security, and the IRM/CISO organization to embed next-generation risk solutions, drive timely remediation of vulnerabilities, and foster a culture of compliance. Additionally, you'll identify opportunities for continuous improvement across the risk and compliance landscape.

What You'll Be Doing

• Support the transition of control design activities for new projects and operational deployments as required, ensuring controls are designed first time right.
• Act as a subject matter expert on IT General Controls, SOX, and regulatory compliance for a specific Class of Business.
• Facilitate end-to-end internal assurance processes (LOD2 and LOD3) in collaboration with stakeholders and auditors.
• Support CISO (IRM) initiatives, including Findings Management, Risk Acceptances, RMF, and special projects, ensuring timely execution.
• Partner with IRM/CISO teams and internal/external audit functions to maintain strong risk governance.
• Drive vulnerability and information risk management discussions aligned with annual performance targets.
• Build and enhance the capabilities of Control Owners and Operators to sustain robust risk and control practices.
• Promote continuous improvement through automation, standardization, and rationalization of IRM activities to reduce compliance burden.
• Embed a comprehensive approach to BAU controls, audit management, and IRM projects across the Downstream IT teams.
• Collaborate globally across disciplines to bridge technical, commercial, and risk management expertise.
  
  

What You Bring

• Bachelor's degree in IT or related field
• 812 years of experience in Information Security, Risk Management, and Controls & Compliance
• Demonstrated experience with IT security audits (internal and external), risk management, and control selection, implementation, and testing
• Advanced understanding of IT security standards and relevant legal compliance requirements
• Industry-recognized certifications such as ISO 27001, CISM, CISA, CISSP, or other compliance certifications preferred
• Strong understanding of Information Risk Management and its impact on application development, operations, and IT infrastructure
• Ability to assess and balance risk management needs and standards considering risk and cost
• Skill in translating risk control objectives into clear business language for service control owners
• Excellent verbal and written presentation skills
• Ability to work effectively in a global, complex environment with multiple stakeholders
• Highly motivated with strong communication skills and proven ability to work independently and within a team
  
  

What We Offer

You bring your skills and experience to Shell and in return you work with talented, committed people on one of the most important challenges facing our planet. You'll have the opportunity to develop the skills you need to grow in an environment where we value honesty, integrity, and respect for one another. You'll be able to balance your priorities as you become the best version of yourself.

• Progress as a person as we work on the energy transition together.
• Continuously grow the transferable skills you need to get ahead.
• Work at the forefront of technology, trends, and practices.
• Collaborate with experienced colleagues with unique expertise.
• Achieve your balance in a value-led culture that encourages you to be the best version of yourself.
• Benefit from flexible working hours, and the possibility of remote/mobile working.
• Perform at your best with a competitive starting salary and annual performance related salary increase our pay and benefits packages are among the best in the world.
• Take advantage of paid parental leave, including for non-birthing parents.
• Join an organization to become one of the most diverse and inclusive in the world. We strongly encourage applicants of all genders, ages, ethnicities, cultures, abilities, sexual orientation, and life experiences to apply.
• Grow as you progress through diverse career opportunities in national and
• international teams.
• Gain access to a wide range of training and development programs.
  
  

We'd like you to know that Shell has a bold goal: to become one of the world's most diverse and inclusive companies. You can get to know more about how we're working towards that goal, click here.

IMPORTANT NOTE: After you submit your application, you will receive an email providing a link to an online assessment that is a mandatory part of the process. The email will come from HireVue - please check your spam/junk mailbox if you do not see the email. Once completed, your application will be reviewed to determine next steps. Thank you for your interest in Shell.