Security Governance Analyst
Ile-de-France, France
The Security Governance Analyst will be responsible for tracking and controlling the application of various security standards across systems and applications, managing vulnerabilities, facilitating exchanges with other teams, and providing aggregated reporting to the Security Governance team and the CISO. This role will also involve managing recurrent control programs using both manual and automated technical controls, coordinating communications around compliance requirements, and supporting teams during mitigation and remediation planning.
The Security Governance Analyst plays a critical role in maintaining the organization's security posture by ensuring compliance with security standards, managing vulnerabilities, and facilitating communication between different teams. This position requires a proactive approach to security management, strong analytical skills, and the ability to coordinate complex security initiatives.
Key Responsibilities:
- Security Standards Compliance: Monitor and verify that security standards are consistently applied across systems and applications.
- Vulnerability Management: Track, assess, and report on the state of vulnerabilities, ensuring timely remediation.
- Inter-team Coordination: Facilitate communication and collaboration between security teams and other departments to address security issues.
- Reporting: Prepare and deliver aggregated reports on security metrics to the Security Governance team and the CISO.
- Control Program Management: Develop, implement, and manage recurrent control programs using both manual and automated technical controls.
- Compliance Communication: Coordinate and communicate compliance requirements to relevant stakeholders.
- Support and Guidance: Provide support and guidance to teams during mitigation and remediation planning.
- Inspection Procedures: Create and maintain inspection manuals and automated control procedures.
- Committee Participation: Participate in security governance committees and preparation activities.
Required experience & competencies
Must adhere to our Key Security Principles and Team Values:
Security Principles: Defend the business, Support the business and promote responsible information security behavior.
Team values: Professionalism, Ethic, Transparency and Team Spirit.
- Proven experience in security governance, risk management, or compliance.
- Strong understanding of security standards and frameworks (e.g., ISO 27001, NIST).
- Experience with vulnerability management and reporting.
- Excellent communication and facilitation skills.
- Ability to work collaboratively with cross-functional teams.
- Strong analytical and problem-solving skills.
- Familiarity with automated security controls and inspection tools.
Required Education
- Bachelor's degree in Information Security, Computer Science, or a related field.
- Professional certifications such as CISSP, CISM, or CRISC are highly desirable.
As a leading global reinsurer, SCOR offers its clients a diversified and innovative range of reinsurance and insurance solutions and services to control and manage risk. Applying “The Art & Science of Risk,” SCOR uses its industry-recognized expertise and cutting-edge financial solutions to serve its clients and contribute to the welfare and resilience of society in around 160 countries worldwide.
Working at SCOR means engaging with some of the best minds in the industry – actuaries, data scientists, underwriters, risk modelers, engineers, and many others – as we work together to find solutions to pressing challenges facing societies.
As an international company, our common culture is defined by “The SCOR Way.” Serving both to build momentum that drives the Group forward and as a compass to guide our actions and choices, The SCOR Way is anchored by five core values, reflecting the input of employees at all levels of the Group. We care about clients, people, and societies. We perform with integrity. We act with courage. We encourage open minds. And we thrive through collaboration.
SCOR supports inclusion and the diversity of talents, and all positions are open to people with disabilities.