Description
Project Description
The purpose of the IRM Function is to ensure (as a second line of assurance, with Internal Audit providing the Third Line of Assurance) that the organization is addressing Information Risks in an effective and efficient manner, commensurate with the organization risk appetite, and being seen as an industry leader among peers and key suppliers of security services.
The Information Risk posture of the organization includes a wide variety of potential business impacts, such as HSSE impacts, production loss, financial and maintenance operations loss, loss of Most Confidential bidding data. Each of these Information Risks has a potential impact of $1bln+.
The IRM Function defines requirements for the assessment of Information Risks, defines the selection of mandated IT Controls, and defines and executes assessments of the design and operational effectiveness of these controls. The function organises communication campaigns to impact the behaviour of business and IT staff where it relates to Information Risks.
In addition to these preventative measures, the IRM Function includes a Cyber Resilience function to understand the cyber threat landscape and the vulnerabilities to cyberattacks in IT systems and services, to detect malicious behaviour and to respond to incidents.
Organisationally, the IRM Function is part of Global Functions IT and reports to the Group CIO. The IRM Function consists of a central team with the Strategy, Risk, Compliance and Assurance and Business facing teams. The IRM Function in the IT Operations Organisation (ITSO) consists of the Detect and Respond Teams.
Given the Cyber threat landscape and its development, it is critical that the IRM Function collaborates closely with suppliers and industry peers and collaborates effectively with government agencies in key countries where the organization operates in.
Job Description
Strategic engagement lead accountable for building and driving the strategy and delivery of the Think Secure campaign, an integrated global communications program plus business specific campaigns aimed at raising employee awareness, learning and changing behaviours related to information security (100,000 staff).
Leads work with experts in Shell's global IT, CyberDefence team, other functional experts and the executing communications team to develop and deliver Think Secure materials and Manages (at least) two team members and other functions to deliver campaigns.
Drive the identification, execution and continuous improvement for Shell's phishing simulation campaigns and reports. Responsible for leading an external team that produces phishing reports shared at senior levels of the company.
PURPOSE & ACCOUNTABILITIES
Purpose
The role is accountable to support Shell staff to effectively know and behave in a manner to protect Shell's information assets. The Executive Engagement and Campaign Lead ensures that the right behavior campaigns are started and managed to educate all Shell employess, specific Shell businesses, the Senior Executive Group and IT on security topics required to ensure staff know how to think, act and be secure in how they handle Shell's information assets.
Accountabilities
Strategic engagement lead accountable for building and driving the strategy and delivery of the Think Secure campaign, an integrated global communications program plus business specific campaigns aimed at raising employee awareness, learning and changing behaviours related to information security (100,000 staff).
Leads work with experts in Shell's global IT, CyberDefence team, other functional experts and the executing communications team to develop and deliver Think Secure materials and Manages (at least) two team members and other functions to deliver campaigns.
Drive the identification, execution and continuous improvement for Shell's phishing simulation campaigns and reports. Responsible for leading an external team that produces phishing reports shared at senior levels of the company.
Roll-out phishing consequence and reward management globally across Royal Dutch Shell.
Member of an external network of security awareness professional across other companies in the Netherlands.
Technical Skills & Experience
Fluency in English, marketing, change and communications experience, preferably in Shell and/or Cyberdefence. Writing, project management a plus.
Soft Skills & Experience
Demonstrated capability to build and drive engagement at all levels of a complex, global organisation.
A good understanding of technology deployments in the market and their relevance to driving business value for their business area
Special Challenges
Manage a broad set of senior stakeholders across Shell businesses and IT;
The role requires the person to work independently, pro-actively and with multiple senior;
stakeholders without daily supervision;
Virtual working in a global environment with culturally diverse teams and stakeholders across multiple time zones and locations;
Collaboration and influencing required with multiple stakeholders from different geographies, functions, seniority;
Work on multiple projects in parallel; working with suppliers; managing service providers.
Experience and Qualification Required
- Demonstrated capability to build and drive engagement at all levels of a complex, global organisation;
- Effective Communication skills (strategic development, presentation, effective conversations, written);
- Strong Facilitation skills (team work and team building);
- Has sound and wide business knowledge and an understanding of current and emerging information;
- technologies and of how they can support and enhance the functions of the business;
- Has excellent interpersonal skills and is fully experienced at dealing with senior stakeholders;
- Ability to work with internal and external stakeholders at all levels of the organisation;
- Possesses a broad understanding of business and business skills;
- Has defined authority and responsibility for a significant area of work, including technical, financial and quality aspects. Has established organizational objectives and delegated assignments. Accountable for actions taken by self and subordinates;
- Understanding of global external developments in Information Risk Management and Cyber Security;
- Extensive experience with and knowledge of the SHELL IT organisations, environments and technolo;
- Excellent communication skills to engage at all levels in the Shell organisation.
Michael Bailey International is acting as an Employment Business in relation to this vacancy.