Where you fit in
Our Projects and Technology (P&T) business exist to make the delivery of Shell’s strategy and the growth of our company possible. P&T works collaboratively and in an integrated way with its business partners, to deliver value for our customers, and for Shell.
We develop the advanced products and technologies Shell needs to meet customer demand. Our solutions help our partners grow the LNG, Gas and Power businesses, deepen the integration of Manufacturing, Chemicals and Trading, and maximise the competitiveness of our Upstream business.
What’s the role?
As Security Engineer, you will be responsible for driving secure software engineering practices in the Software Engineering CC, focusing on building the skills and practices needed to deliver secure software professionally, efficiently and effectively providing the necessary supporting tools. You will be in a primarily hands-on role requiring in-depth expertise of secure development and the ability to coach teams into establishing the right practices.
Your primary responsibilities are:
- Drive and influence software security across the organization by partnering with key stakeholders throughout Software development lifecycle.
- Propose, design, build and deploy security solutions, frameworks, automation and orchestration to secure applications.
- Identify opportunities for implementing additional technology controls to build more visibility or defend key points of attack.
- Perform product security reviews and provide critical security guidance to engineers and product managers.
- Enhance our security automation, leveraging or building software security tooling to help scale.
- Drive the development of an effective product security governance program that ensures. strategic alignment of product security and broader corporate and business unit objectives.
- Develop and drive security-related communication, training and awareness programs across the organization.
What we need from you?
- Must have legal authorization to work in the US on a full-time basis for anyone other than current employer.
- At least a Bachelor’s Degree in Software Engineering or equivalent.
- At least 2 years in software security practices such as threat modelling, security architecture, system and network security, application security, IAM and security protocols, and cryptography.
- Formal security certification preferred, such as CISSP
- Deep technical knowledge and experience identifying triaging and remediating application vulnerabilities, including OWASP top 10.
- Good knowledge of security principles at all layers of the OSI stack. String knowledge of security vulnerabilities and remediation techniques.
- Understands and can champion proper use of secure software engineering best practices in requirements, design, construction, testing, and deployment.
- Understands different delivery mechanisms (including grounds-up development and integrating purchased applications), and how that impacts secure software engineering requirements.
- Understands traditional (waterfall) as well as agile life cycles such as Scrum. Understands DevOps concepts. Knows how different life cycles impact application security practices.
- Understands the importance of professionalism, the quality mindset and minimization of unintentional rework in the full life cycle of a product.
- Able to inject a secure development mindset into delivery teams.
- Able to plan and schedule assignments including own work and that of the application security team, and coordinating/overseeing initiatives involving people with and without direct reporting lines.
- Has strong foundations and understands fundamental concepts such as models and methods, problem solving, abstraction, programming fundamentals, design. patterns, data structures and algorithms, computer organization, databases and networks, parallel and distributed computing, and secure development.
- Displays Inter-Personal Effectiveness: build effective and positive relationships that are open and respectful of personal and cultural differences, and work. collaboratively with colleagues of different points of view. Ability to influence without formal authority.
- Ability to work effectively and manage relationships with peers, in a virtual, geographically dispersed and cross cultural environment.
- Able to help teams kickstarting secure software engineering improvement initiatives, including (but not limited to) driving crisp security requirements, threat modeling, automated integration and deployment (CI/CD), real-time application monitoring, security and code quality scanning, remediating the findings, etc.
- Able to assess economic impact of design and/or implementation decisions.
- Fluent in English (spoken and written).
Shell is a global group of energy and petrochemicals companies with over 90,000 employees in more than 70 countries and territories. In the US, we have operated for over a century and are a major oil and gas producer onshore and in the Gulf of Mexico, a recognized innovator in exploration and production technology, and a leading manufacturer and marketer of fuels, natural gas and petrochemicals. We deliver energy responsibly; operate safely with respect to our neighbours and work to minimize our environmental impact. We are in search of remarkable people who will thrive in a diverse and inclusive work environment to deliver exciting projects locally and globally. People who are passionate about exploring new frontiers. Innovators and pioneers. People with the drive to help shape our future. Because remarkable people achieve remarkable things.
An innovative place to work
There’s never been a more exciting time to work at Shell. Everyone here is helping solve one of the biggest challenges facing the world today: bringing the benefits of energy to everyone on the planet, whilst managing the risks of climate change.
Join us and you’ll add your talent and imagination to a business with the power to shape the future – whether by investing in renewables, exploring new ways to storeenergy or developing technology that helps the world to use energy more efficiently.
An inclusive place to work
To power progress together, we need to attract and develop the brightest minds and make sure every voice is heard. Here are just some of the ways we’re nurturing an inclusive environment – one where you can express your ideas, extend your skills and reach your potential…
- We’re creating a space where people with disabilities can excel through transparent recruitment process, workplace adjustments and ongoing support in their roles. Feel free to let us know about your circumstances when you apply and we’ll take it from there.
- We’re closing the gender gap – whether that’s through action on equal pay or by enabling more women to reach senior roles in engineering and technology.
- We’re striving to be a pioneer of an inclusive and diverse workplace, promoting equality for employees regardless of sexual orientation or gender identity.
- We consider ourselves a flexible employer and want to support you finding the right balance. We encourage you to discuss this with us in your application.
A rewarding place to work
Combine our creative, collaborative environment and global operations with an impressive range of benefits and joining Shell becomes an inspired career choice.
We’re huge advocates for career development. We’ll encourage you to try new roles and experience new settings. By pushing people to reach their potential, we frequently help them find skills they never knew they had, or make career moves they never thought possible.