Purpose
The CyberDefence and Risk Operations (CRO) Team operates at the forefront of information security, building trust, driven by world class experts, and equipped with cutting-edge technology, to protect and enable our business today and into the future.
The changing IT landscape provides many opportunities to move our business into the digital world, enabling improvements in the way Shell operates. However, with these changes also come greater challenges with regards to security, compliance and information and data protection. As businesses leverage digitalization opportunities, their cyber-attack surface structurally increases, which can lead to business disruptions, data breaches and brand damage. High profile industry incidents show that these risks are real, and this has turned cyber resilience into a topic for the Boards. Cyber-attacks can cause damage to reputation, destruction of assets and loss of information. Shell is taking action to detect and respond to the continuous flow of these types of attacks via the highly experienced and enabled CRO team.
As part of the Information Risk Management function, the CyberDefence capability has specific focus on identifying cyber threats, discovery of IT vulnerabilities, monitoring for cyber intrusions and responding to security incidents. The Risk Operations function focuses on driving a consistent approach to controls and compliance in a standardized and consistent manner.
The CRO Reporting & Engagement team is a critical function that supports the entire CRO organisation. The team’s primary objective is to provide transparent, consistent, and clear communication to a broad set of executive stakeholders on cyber threats, vulnerabilities, and incidents – to inform about and increase awareness around cyber risks affecting Shell. The team is accountable for:
- The development of all cyber defence communication material (slides, newsletters, advisories, executive reports, et al)
- Organising stakeholder engagements
- Working with the wider team to obtain relevant content inputs
- Managing our document repository (SharePoint)
Accountabilities: Reporting team
- Create regular CyberDefence reports with statistics, examples of threats, vulnerabilities, and incidents
- Support Risk Operations & compliance reporting and engagements
- Maintain the CyberDefence Intranet, SharePoint, distribution lists and manage the functional mailbox
- Improve and maintain Nucleus – our DevOps enabled reporting platform
- Create and distribute CyberDefence reports and newsletters to keep the wider IT and business communities informed and aware
- Curate and create executive reports for C-level stakeholders, recurrently and on demand
- Support internal and external engagements for CRO Leadership team members like staff meetings, all-hands meetings, and other on-demand sessions
- Create and edit content for various stakeholder engagements and awareness sessions
- Develop and maintain a consistent and Shell-approved style for all deliverables including but not limited to slides, newsletters, templates, reports
- Track, monitor and report out on actions and their progress
- Create, maintain, and report the KPIs for CyberDefence
- Maintain process flows for CyberDefence
- Develop and maintain various slide packs for engagements sessions with executive leaders, operational teams, and various external partners
- Maintain and manage our relationship with the central IRM communications and Think Secure teams, and identify collaboration opportunities
- Collaborate with IRM, SOM, External Relations, Corporate Relations, Internal Communication and similar teams on various project and communication needs
- Identify continuous improvements opportunities for application across CRO
Special Challenges
Suitable candidates must demonstrate (or be prepared to quickly acquire) a good understanding of cyber security to be able to understand the technical content and translate it into a language that is appropriate for a wide range of stakeholders, varying from IT specialists or general users, up to board level stakeholders within and outside the IT and IRM functions in Shell.
To provide the expected transparency, it is also essential to be able to put CyberDefence reported vulnerabilities, risks, and other events into a proper and relevant business context, as it is to provide a framework of reference relevant for the different target audiences.
Experience/skills required
- Over-all 5 – 9 yrs of IT experience
- Communications and reporting professional with proven knowledge of communication management. A degree in the discipline of communication, journalism, advertising, content development or reporting will be a plus.
- Excellent written and verbal communication skills in the English language
- An eye for detail and the ability to multi-tasking
- Stakeholder management and the confidence to hold conversations with C-level stakeholders
- Excellent at Microsoft Office suite, specifically power point Excel, Word. Familiarity with SharePoint, Intranets will be an added advantage.
- Ability to produce high quality deliverables both content and presentation wise. Examples of deliverables include reports, presentations, and reasoned arguments.
- High degree of comfort with embracing the hybrid culture of working virtually and from a physical office location, while engaging with colleagues and stakeholders from different geographies and cultures
- A structured, project oriented, work ethic to monitor multiple activities and commitments in parallel
- Passion for IT technology and the ability to share that with other members of the team
- Excellent team-worker who can connect easily at technical as well as executive levels
- Demonstrated understanding of the issues of interest to Shell
- Enthusiasm in promoting the transfer of knowledge and awareness of information security to those in related areas
- Knowledgeable, creative, and curious self-starter with a Learners Mindset
के लिए आवेदन देना
.
नौकरी रिक्ति
तथा
वेतन.
