Security Governance Analyst

We are hiring a Security Governance Analyst for our client, a leading global organization in the insurance and risk management industry. Technology plays a strategic role in their mission to build more resilient societies, and their growing international tech team is central to delivering innovative and secure solutions.

Job Summary

As a Security Governance Analyst, you will work to ensure the consistent application of security standards across systems and applications, manage vulnerabilities, and coordinate compliance and control activities across teams. This role involves facilitating communication between technical and governance stakeholders, supporting mitigation and remediation planning, and contributing to the organization’s overall security strategy through structured reporting and continuous improvement initiatives.

The ideal candidate is proactive, analytical, and skilled in navigating complex environments with multiple stakeholders.

Key Responsibilities

• Track and control the application of security standards across systems and applications.
• Monitor and report on the state of vulnerabilities.
• Facilitate exchanges and communication with other teams regarding security issues.
• Provide aggregated reporting to the Security Governance team and the CISO.
• Manage recurrent control programs using manual and automated technical controls.
• Coordinate communications around compliance requirements.
• Support teams during mitigation and remediation planning.
• Develop and maintain inspection manuals and automated control procedures.
• Participate in committees and preparation activities related to security governance.

Required Experience & Competencies

• Proven experience in security governance, risk management, or compliance.
• Strong understanding of security standards and frameworks (e.g., ISO 27001, NIST).
• Experience with vulnerability management and reporting.
• Excellent communication and facilitation skills.
• Ability to work collaboratively with cross-functional teams.
• Strong analytical and problem-solving skills.
• Familiarity with automated security controls and inspection tools

Education & Certifications

• Bachelor's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or CRISC are highly desirable.