Information Risk Management
Our IT community harvests technology to deliver the most future-ready business solutions that help us make a tangible impact.
Enabling Shell’s Digital Transformation
At Shell, our mission is to deliver high quality, cost-effective and sustainable energy solutions to communities across the world. Our Information Technology (IT) specialists spearhead our big successes by enabling us to explore and consistently innovate.
Being part of a company that serves over 30 million consumers daily translates to an opportunity to deliver secure and reliable digital transformation at scale across 80 countries. Our communities of technology experts identify new opportunities, pursue emerging tools and constantly reinvent themselves to deliver IT solutions that drive growth, streamline performance and promote efficiency.
We are currently expanding our teams in Information Risk Management (IRM), CyberDefence and Security & Compliance, rapidly.
Meet Roy
Read the transcript
Read the transcript
Title: Meet Roy
Duration: 1:23
Description:
Meet Roy, who is part of Shell's CyberDefence team. He talks about being happy with the challenges he's encountered as a Red Teamer and how interesting it has been.
Roy Transcript
[Background music plays]
Bright, uplifting music
[Animated sequence]
Work location
[Text displays]
Hi, my name is Roy
I work as a Red Teamer for Shell CyberDefence
What I'm trying to do every single day is
I'm trying to break our own defences
What I’m doing is, I'm performing Red Teaming
assessments in which we simulate an attack
as a real-life adversary could perform on us
as realistically as we potentially can
We're training ourselves to make sure if we're ever hit
by one of these adversaries, we are ready
and we can fend off an attack like that as well as possible
so that it doesn't have any impact on us.
Something that definitely
stands out from all the organizations that I've worked for,
That is, within Shell, you have a lot of different co-workers,
but they all have one thing in common
everyone is an absolute expert
and very passionate about what they do.
I definitely think that Shell is a very interesting organization to work for,
If you really like to challenge yourself, and to challenge
an organization that already has a very high level of maturity,
then I definitely think this would be something that is very
interesting for you as well
{Section subheader, e.g. scene transition/break}
None
[Conversation/ speech Title]
Roy
{Enter speaker’s job}
Senior Red Team Analyst in Shell’s CyberDefence team
{Name of speaker}
Roy
{Enter the speaker’s dialogue}
Hi, my name is Roy
I work as a Red Teamer for Shell CyberDefence
What I'm trying to do every single day is
I'm trying to break our own defences
What I’m doing is, I'm performing Red Teaming
assessments in which we simulate an attack
as a real-life adversary could perform on us
as realistically as we potentially can
We're training ourselves to make sure if we're ever hit
by one of these adversaries, we are ready
and we can fend off an attack like that as well as possible
so that it doesn't have any impact on us.
Something that definitely
stands out from all the organizations that I've worked for,
That is, within Shell, you have a lot of different co-workers,
but they all have one thing in common
everyone is an absolute expert
and very passionate about what they do.
I definitely think that Shell is a very interesting organization to work for,
If you really like to challenge yourself, and to challenge
an organization that already has a very high level of maturity,
then I definitely think this would be something that is very
interesting for you as well
[Visuals]
{Visual transition/change, e.g. Split screen, video footage, etc.}
None
{Describe what is displayed on the screen}
Roy speaking from his work location
Meet Jennifer
Read the transcript
Read the transcript
Title: Meet Jennifer
Duration: 1:43
Description:
Meet Jennifer, a Sr. Vulnerability Analyst who is part of Shell’s CyberDefence. Jennifer talks about how she enjoys working with the diverse workforce at a global energy organisation like shell.
Jennifer’s Transcript
[Background music plays]
Bright, uplifting music
[Animated sequence]
Work from home location
[Text displays]
Jennifer | Vulnerability Analyst | Shell CyberDefence
My name is Jennifer and I'm a Senior Vulnerability Analyst at Shell
What do you do at Shell?
As a Vulnerability Analyst and also part of the wider CyberDefence team
I get to protect Shell against cyber threats
I help remediate vulnerabilities
or weaknesses in our environment
that could lead to potential cyber-attacks in the future
Describe a day in your life working at Shell
A typical day in my life might involve starting out with
some phone calls with colleagues from across the world
We develop plans to remediate vulnerabilities
I might spend some time also scripting
to create ways to detect vulnerabilities in our environment,
and I may create some reports as well to figure out
what we need to remediate in the environment
Why did you decide to join Shell?
I decided to join Shell
because I knew it was a global organization
that welcomes different cultures and people from different backgrounds
I also knew that the CyberDefence team
was a really mature one compared to other companies
and I wanted a place
where I could specialize in CyberDefence
and really have all the resources that I needed to develop my skill sets
What do you like most working at Shell?
My favourite part about working at shell
has to be the people
I love that we're a global organization with people
from so many different backgrounds and cultures
and I get to learn about them and work with colleagues
that I never would have gotten to meet otherwise
What would you tell someone who is interested to join your team at Shell?
I would tell them to go for it
We’ll welcome them with open arms
and they'll be part of the team in no time
{Section subheader, e.g. scene transition/break}
None
[Conversation/ speech Title]
Jennifer
{Enter speaker’s job}
Senior Vulnerability Analyst at Shell
{Enter the speaker’s dialogue}
My name is Jennifer and I'm a Senior Vulnerability Analyst at Shell
As a Vulnerability Analyst and also part of the wider CyberDefence team
I get to protect Shell against cyber threats
I help remediate vulnerabilities
or weaknesses in our environment
that could lead to potential cyber-attacks in the future
A typical day in my life might involve starting out with
some phone calls with colleagues from across the world
We develop plans to remediate vulnerabilities
I might spend some time also scripting
to create ways to detect vulnerabilities in our environment,
and I may create some reports as well to figure out
what we need to remediate in the environment
I decided to join Shell
because I knew it was a global organization
that welcomes different cultures and people from different backgrounds
I also knew that the CyberDefence team
was a really mature one compared to other companies
and I wanted a place
where I could specialize in CyberDefence
and really have all the resources that I needed to develop my skill sets
My favourite part about working at shell
has to be the people
I love that we're a global organization with people
from so many different backgrounds and cultures
and I get to learn about them and work with colleagues
that I never would have gotten to meet otherwise
I would tell them to go for it
We’ll welcome them with open arms
and they'll be part of the team in no time
[Visuals]
{Visual transition/change, e.g. Split screen, video footage, etc.}
Work location
{Describe what is displayed on the screen}
Jennifer speaking from her work from home location
Meet Imanuel
Read the transcript
Read the transcript
Title: Meet Imanuel
Duration: 1:20
Description:
Meet Imanuel, a Security and Compliance Analyst from Shell's CyberDefence team. Imanuel talks about how he experiences a true sense of community and belonging within Shell.
Imanuel Transcript
[Background music plays]
Bright, uplifting music
[Animated sequence]
Work from home location
[Text displays]
Imanuel | Security and Compliance Analyst | Shell Information Risk Management (IRM)
My name is Imanuel and I'm a security and compliance analyst
What do you do at Shell?
Making Shell more secure by performing risk assessment activities as well as risk mitigation activities,
following information risk management policies and guidelines
In short, helping minimize risks that could harm business and its objectives
Describe a day in your life working at Shell
Handling over a dozen IT projects at various stages thereby
meeting project stakeholders and supporting projects go live,
saving millions on annual basis
What do you like about working at Shell?
People care for each other; people stand up for each other
Leads will not ask you to explain escalations
They help you to take on any challenges you may have come across
What would you tell someone who is interested to join your team at shell?
You’re making the right choice
Come make a difference as well as witness constant innovation
{Section subheader, e.g. scene transition/break}
None
[Conversation/ speech Title]
Imanuel
{Enter speaker’s job}
Security and Compliance Analyst
Name of Speaker
Imanuel
{Enter the speaker’s dialogue}
My name is Imanuel and I'm a security and compliance analyst
Making Shell more secure by performing risk assessment activities as well as risk mitigation activities,
following information risk management policies and guidelines
In short, helping minimize risks that could harm business and its objectives
Handling over a dozen IT projects at various stages thereby
meeting project stakeholders and supporting projects go live,
saving millions on annual basis
People care for each other; people stand up for each other
Leads will not ask you to explain escalations
They help you to take on any challenges you may have come across
You’re making the right choice
Come make a difference as well as witness constant innovation
[Visuals]
{Visual transition/change, e.g., Split screen, video footage, etc.}
None
{Describe what is displayed on the screen}
Imanuel is speaking from his (work from home) location
Join our Team
What do we do in IRM?
We protect Shell’s information assets against existing risks and potential threats to ensure secure and reliable operations for the company’s businesses across the world. Our experts tackle the growing information on security threats and challenges resulting from the digital transformation of Shell businesses. This is done by using technology and through creating awareness for users and business stakeholders.
What do we do in CyberDefence?
CyberDefence and Risk Operations operates at the forefront of information security, building trust, driven by world class experts and equipped with cutting-edge technology, to protect and enable our business today and into the future.
The changing IT landscape provides many opportunities to move our business into the digital world, enabling improvements in the way Shell operates. However, with these changes also come greater challenges with regard to security, compliance and information and data protection. Cyber-attacks can cause damage to reputation, destruction of assets and loss of information. Shell is taking action to detect and respond to the continuous flow of these types of attacks. As part of Shell IT Operate, CyberDefence has specific focus on identifying cyber threats, discovery of IT vulnerabilities, advising on preventative security measures, monitoring for cyber intrusions and response to security incidents. It ensures that Shell can make use of the opportunities provided by the digital transformation effectively and securely.
What do we do in Security & Compliance?
As part of Shell’s strategy to become faster in adapting digital technology and to leverage new opportunities, Security & Compliance team takes cues from Shell IT Line of Defense model and Industry best practices to fully implement line of defense role demarcation in the Shell IT landscape. Identifying various risks to business objectives and deciding on respective risk responses is at the center of Security & Compliance's function. Security & Compliance also focuses on mitigation of the identified risks through implementation and operation of relevant controls.
If you have the passion, curiosity and agility to solve practical problems, be part of our IT and digital community that harvests technology to deliver future-ready solutions. Help us make a tangible impact. In return, we will place you at the forefront of IT innovation and fuel your growth by giving you a Global platform along with pioneering projects, state-of-the-art infrastructure and excellent technical, commercial and leadership training.
