The Risk & Control Advisor plays a key role in strengthening secure development practices and enhancing risk and control capabilities across Shells technology platforms. The role blends GRC expertise with application security and engineering practices to improve digital resilience and operational excellence.

Key Responsibilities :

- Align enterprise technology platforms with GRC frameworks, internal policies, and control standards.

- Drive secure software architecture and collaborate with engineering teams to triage and remediate security findings.

- Embed DevSecOps practices by automating security controls into CI/CD pipelines.

- Support GitOps-based deployment workflows, integrating security insights and risk advisory.

- Champion security awareness, secure development practices, and continuous improvement across Agile teams.

- Assess cloud platform security posture (AWS/Azure) and support secure solution deployments.

- Strengthen software supply-chain integrity using tools such as GHAS, Apiiro, or equivalents.

Skills & Requirements :

- Strong GRC knowledge with a balanced risk-opportunity mindset and deep security orientation.

- Hands-on experience with security standards and regulations (ISO, NIST, CIS, etc.).

- Proficiency in cloud posture management and secure deployment on AWS or Azure.

- Strong understanding of application security vulnerabilities and secure coding frameworks (e.g., OWASP Top 10).

- Experience implementing DevSecOps controls and integrating security into CI/CD workflows.

- Familiarity with secure software supply chain practices and modern security toolsets.

- Excellent communication skills with the ability to influence engineering and product teams.

Preferred Qualifications :

- Certifications such as CISA, CISSP, CCSP, or AWS/Azure Security (plus).

- Experience in Agile delivery environments.

- Exposure to product development or platform engineering teams.