Company: Shell
Skills: IT - Analysis & Management, PR / Corporate Communications, Risk Management
Experience: 13 + Years
Education: Bachelors/3-5 yr Degree
Location: Bengaluru, Karnataka, India

Are you looking for a role that is visible, has the possibility to influence behaviour at all levels of the organisation, interfaces with several functions, is externally focused and fun? Are you interested in being part of a team that is on the front end to communicate and engage staff with current information security topics? If so, then this is a great opportunity for you!

Where you fit in

This role sits in Information Risk Management (IRM), which is part of the Information and Digital Technology organisation. The purpose of the role is to ensure Shell is addressing information risks in an effective and efficient manner, commensurate with Shell risk appetite, and is seen as an industry leader among peers and key suppliers of security services.

With the increasing level of cyber risk, and the need to protect Shell's information and data, the IRM function drives Think Secure, which is Shell's global information security communication and engagement campaign. The global and targeted communication campaign is designed to educate and influence the behaviour of staff where it relates to the protection of Shell's information assets.

What's the role

As a Senior IDT Advisor - Transformation & Engagement, your primary responsibility is to support the delivery of ongoing, evolving and continuously improving Think Secure campaign through marketing, communication, change, learning and engagement activities, which includes the end-to-end delivery of phishing simulations. The campaigns should be developed to target the wide-ranging user groups within Shell and ensure messaging is relevant to each stakeholder group.

You will also be expected to:
  • Act as a strategic engagement lead accountable for building and driving the strategy and delivery of the Think Secure campaign aimed at raising employee awareness (100,000+ staff), shifting corporate culture, and changing behaviours related to managing information security risk.
  • Create and manage communication materials and subsequent measurement activities. Use an external focus to identify and lead opportunities for continuous improvement.
  • Establish effective business relationships in a heavily matrixed organisation. Collaborate with subject matter experts in Shell's global IDT team, Cyber Risk Operations team, other functional experts, internal communications team, external agencies and the executing engagement team to drive behaviour change.
  • Indirectly manage (at least) two team members to deliver the full Think Secure and Phishing simulation strategy.
  • Develop business cases to secure budget and manage what is needed to deliver Think Secure.
  • Demonstrate visible leadership and be the voice for Think Secure at all levels in the organisation and in various communications channels.
  • Drive day-to-day strategic execution of Shell's phishing simulation service to over 100,000 people. This is a service that tests, educates and measures individual and team performance on phishing simulations.
  • Lead an external service team to deliver phishing simulations from development to delivery of all reporting, including Power BI reports across Shell - individual, team and line manager dashboards.
  • Drive integration opportunities with other reporting functions. Note - the current phishing dashboard is expected to expand this year and include metrics beyond phishing. The role will be responsible to manage this integration from the project into Business as Usual.
  • Facilitate our NOVs/JVs/Portfolio Companies to mature their cyber security capability by running phishing as a service.
  • Set-up Phishing Improvement Board (PIB) for effective management of process improvement requests.
  • Continuous improvement of phishing solution which may include acting as a SME for specific project activities.

What we need from you

We're keen to hear from professionals with a bachelor's degree who are solution-focused, can present themselves to senior leaders, and can drive strong stakeholder management globally.

Further requirements are as follows:
  • 13+ years of total experience including Behavior Change Management, Communications & Engagement/Transformation Plan.
  • Demonstrated capability to create a strategy and then build a plan to drive engagement at all levels of a complex, global organisation.
  • Development of campaigns that are audience specific, interesting, effective and have the ability to set Think Secure apart in a busy environment where people are overwhelmed with organisation wide messaging.
  • Excellent and effective business English communication, presentation and facilitation skills required.
  • Ability to communicate complex messages in a simple, clear, and concise manner. Should have experience with different types of communications methods, written material, SharePoint, webcasts, printed materials, hosted events, and other methods. Display practical knowledge of different communication techniques to ensure people understand and continually apply the required behavioral change necessary to reduce the 'human factor' risk.
  • Be passionate about driving a culture of security through training and awareness.
  • Understanding of the concepts of information risks and the different elements that make up risk. At a minimum, should have a basic understanding of different concepts of information security. Security expertise is not required, as you will be working directly with our security team, but a basic understanding of security concepts, or willingness to learn, is required.
  • Remain knowledgeable and up to date about trends and threats in cyber security, with an emphasis on risks associated with human behaviour. Understand the concepts of culture and how culture impacts the way people behave and learn.
  • Project management experience - ability to plan, manage, and maintain a complex, organisation-wide program
  • Ability to take initiative, reach out to and coordinate with different people in different departments and at different levels. Collaboration and partnering with others, to include people in other countries, is a key factor to success.
  • Define and measure success metrics.
  • Proficient at MS Office Suite and SharePoint.

Knowledgeable in using PowerBI is a plus.