IT Compliance & Incidents Analyst Shell - Wisma Shell Cyberjaya

Responsibilities:

• Ongoing control assessment and compliance monitoring to ensure proactive identification and notification of control weaknesses and security incidents.
• Performing deficiency analysis and supporting development and tracking of remediation action plans.
• Supporting management's assessment of the IT control environment.
• Supporting control owners and operators in management of internal and external audit and compliance reviews.
• Engaging with user community to raise information protection awareness.
• Develop the professional skills of staff and coach them to conduct consistent high quality compliance monitoring.
• Maintaining strong business intimacy by establishing a value-add service to the organisation.
• Support IRM program initiatives

Provide consultancy to IT delivery and business stakeholders: 

• Provide guidance and understanding of compliance standards,policies and requirements such as One IT Control Framework, SOX, Legal and Regulatory.
• Advise on achievable and best practices in implementation of risks based controls.

Participate in the ownership/standardisation of controls across IT landscape:

• Maintain strong business intimacy to ensure risks are well controlled with ownership acceptance.
• Ensure ongoing compliance with Information Risk Management standards,policies and specifications,and assurance schemes are well understood by IT Delivery.
• Facilitate input into the Group compliance management tools like Collective,including a strong Quality Assurance process.

Facilitate the End to End Compliance Monitoring Testing:

• Engage with the offshored Evidence Based Testing teams.
• Collect and review evidences to determine design and operational effectiveness of the controls in scope,including the One-IT Control Framework.
• Assist in the identification and implementation of improvements and remediation in the IT Service Operations Management Teams,including needs for awareness and skills training for Shell and IT Service Operations Management staff.
• Escalate in case of overdue remediation of non-compliance.

Facilitate Audit Coordination:

• Liaise with external SOX auditors (PWC) and internal auditors (SIA) on audits planned.
• Follow up and track audit actions.

Desired Skills & Experience

• Possesses a general understanding of the business applications of IT, with a minimum of 8 years of working experience.
• Has a sound understanding of the principles and practices involved in IT development, maintenance and service delivery.
• Has a strong general knowledge of IT controls and control frameworks (e.g., Cobit, ISO).
• Significant experience in Information Risk Management (IRM) related roles, Information Security roles or having worked with IRM through an IT Delivery role or Business IT role.
• Is respected for the pragmatic application of IT controls principles to practical problems.
• CISA qualification preferred.

Company Description

Shell is a global group of energy and petrochemical companies, active in more than 90 countries, employing 93,000 people worldwide.

Shell Business Service Centre Sdn Bhd (503619-D) is a high performance professional service organization that enables functional operations for Shell businesses. The centre is on a growth path and evolving as prime service centre for Finance Operations, Human Resources, Customer Service, Contracting & Procurement and Information Technology.

Our success is linked to our most important asset – people. We are committed to training, developing and rewarding talented professionals like you to grow with us.

As a part of our rapid growth, we are seeking to recruit for multiple vacancies; all roles will be based at Cyberjaya. This Shell facility is certified as a green building in Cyberjaya, with LEED Gold certification, a US standard green rating.

Additional Information

Posted:

December 19, 2012

Type:

Full-time

Experience:

Mid-Senior level

Functions:

Engineering 

Industries:

Oil & Energy 

Job ID:

4425432

• Apply on Company Website