Security Governance Analyst

At our brand-new Shared Business Platform (SBP) in Bucharest, we offer a dynamic environment where career growth is actively supported through internal mobility, globally recognized certifications, and continuous professional development. We value work–life balance, offering flexible work arrangements, and wellbeing initiatives that help you thrive both personally and professionally.

Now, let's explore this exciting opportunity so that you can be part of our mission.

We are seeking a Security Governance Analyst to join our dynamic Tech team. The ideal candidate is proactive and detail-oriented , with strong analytical and communication skills. You will work to ensure the consistent application of security standards across systems and applications, manage vulnerabilities, and coordinate compliance and control activities across teams. This role involves facilitating communication between technical and governance stakeholders, supporting mitigation and remediation planning, and contributing to the organization's overall security strategy through structured reporting and continuous improvement initiatives.

Key duties and responsibilities

The Security Governance Analyst plays a critical role in maintaining the organization's security posture by ensuring compliance with security standards, managing vulnerabilities, and facilitating communication between different teams. This position requires a proactive approach to security management, strong analytical skills, and the ability to coordinate complex security initiatives.

Key Responsibilities:

• Security Standards Compliance : Monitor and verify that security standards are consistently applied across systems and applications.
• Vulnerability Management : Track, assess, and report on the state of vulnerabilities, ensuring timely remediation.
• Inter-team Coordination : Facilitate communication and collaboration between security teams and other departments to address security issues.
• Reporting : Prepare and deliver aggregated reports on security metrics to the Security Governance team and the CISO.
• Control Program Management : Develop, implement, and manage recurrent control programs using both manual and automated technical controls.
• Compliance Communication : Coordinate and communicate compliance requirements to relevant stakeholders.
• Support and Guidance : Provide support and guidance to teams during mitigation and remediation planning.
• Inspection Procedures : Create and maintain inspection manuals and automated control procedures.
• Committee Participation : Participate in security governance committees and preparation activities.

Key Duties:

• Track and control the application of security standards across systems and applications.
• Monitor and report on the state of vulnerabilities.
• Facilitate exchanges and communication with other teams regarding security issues.
• Provide aggregated reporting to the Security Governance team and the CISO.
• Manage recurrent control programs using manual and automated technical controls.
• Coordinate communications around compliance requirements.
• Support teams during mitigation and remediation planning.
• Develop and maintain inspection manuals and automated control procedures.
• Participate in committees and preparation activities related to security governance.

Required experience & competencies

Must adhere our Key Security Principles and Team Values:

Security Principles: Defend the business, Support the business and promote responsible information security behavior.

Team values: Professionalism, Ethic, Transparency and Team Spirit.

• Proven experience in security governance, risk management, or compliance.
• Strong understanding of security standards and frameworks (e.g., ISO 27001, NIST).
• Experience with vulnerability management and reporting.
• Excellent communication and facilitation skills.
• Ability to work collaboratively with cross-functional teams.
• Strong analytical and problem-solving skills.
  Familiarity with automated security controls and inspection tools.

Required Education

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or CRISC are highly desirable.

As a leading global reinsurer, SCOR offers its clients a diversified and innovative range of reinsurance and insurance solutions and services to control and manage risk. Applying "The Art & Science of Risk," SCOR uses its industry-recognized expertise and cutting-edge financial solutions to serve its clients and contribute to the welfare and resilience of society in around 160 countries worldwide.

Working at SCOR means engaging with some of the best minds in the industry – actuaries, data scientists, underwriters, risk modelers, engineers, and many others – as we work together to find solutions to pressing challenges facing societies.

As an international company, our common culture is defined by "The SCOR Way." Serving both to build momentum that drives the Group forward and as a compass to guide our actions and choices, The SCOR Way is anchored by five core values, reflecting the input of employees at all levels of the Group. We care about clients, people, and societies. We perform with integrity. We act with courage. We encourage open minds. And we thrive through collaboration.

SCOR supports inclusion and the diversity of talents, and all positions are open to people with disabilities.