Information Security Manager Information Security Manager …

in Chicago, IL, United States
Permanent, Full time
Be the first to apply
in Chicago, IL, United States
Permanent, Full time
Be the first to apply
Information Security Manager
Manager of Information Security - Program Management Chicago/en-US/Americas/job/Chicago/Manager-of-Information-Security---Program-Management_REQ-014659/apply

The Area: The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.

The Role: As Manager of Information Security, you will be directly responsible for supporting Morningstars information security governance processes. This individual will proactively drive alignment between regulated entities and the information security strategy, keep clear lines of communication, update the regulated entities on upcoming security initiatives, reporting of security risks to the CISO, as well as a key player in the information security incident response process. As a member of Information Security, you will help develop a culture where safety, security and resiliency are integrated into every facet of Morningstar. You will help us continually advocate, identify, and monitor security processes that help drive business activities in a secure manner. You will be responsible leading governance activities to help mature the information security program and collaborate with product teams to advocate security initiatives. This position is based in our Chicago office.


  • Develops measures and monitors program performance against established security objectives to ensure programs stay on-time, in-scope, and on-budget
  • Work as an Information Security subject matter expert and provide expertise regarding regulated entities
  • Represent Information Security on client calls and audits
  • Assists the IT Compliance Manager with contract reviews
  • Provide oversight to the information security risk register
  • Drive adoption of information security program standards throughout the organization
  • Advance the security minded culture through advocacy
  • Assist in developing and testing incident response processes and policies
  • Implement information security risk governance and control frameworks that incorporates a consistent, sustainable methodology for identifying, assessing, and documenting information security risk that provides early warning of potential failure to meet information security requirements
  • Execute audit tests; identify issues and areas for improvement in efficiency and effectiveness in regulated entities
  • Manage and support Morningstars current and future compliance related responsibilities (SOX, SOC2, PCI-DSS, GDPR, SEC, etc.)


  • A bachelors degree and 4+ years experience in a risk, compliance or IT auditor role
  • Experience in a client facing security role
  • Understanding of IT SOX Controls
  • Experience representing the security team during external or internal audits
  • Strong project management skills
  • Excellent communication skills and a familiarity with common compliance and security frameworks (SOX, SOC2, PCI-DSS, GDPR, SEC, etc.)
  • Strong organizational skills and the ability to multitask and switch priorities with short notice
  • Proven experience in governing IT security programs to properly manage and address program progress and results against strategic goals
  • Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
  • High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
001_MstarInc Morningstar Inc. Legal EntityPosted TodayFull timeREQ-014659

How to Apply for a Job at Morningstar

Step 1

When you find a position you're interested in, click the 'Apply' button. Please fill out this form completely, attaching your resume and cover letter in the approved format. Read the job requirements carefully and make sure to attach writing or design samples as required. Applicants must submit their resume and other information through our corporate website to be considered for a job at Morningstar. No phone calls, please.

Step 2

You will receive an email notification to confirm that we've received your application.

Step 3

If you are called in for an interview, a representative from Morningstar will contact you to set up a date, time, and location. Be prepared for a rigorous interview process. To make sure you're a good fit for Morningstar and we're a good fit for you, we'll schedule time for you to meet with multiple staff members at all levels of the company. Expect to return for multiple interviews as part of the process. A representative from Morningstar will contact you with the results of your intervieweither with a job offer or to let you know our plans for the position.

Applicants With Disabilities Who Need Accommodation

Morningstar is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call +1 312 384-3900 and let us know the nature of your request and your contact information.

Please note:

  • We only accept calls from applicants who need accommodation related to a disability. Please, no calls with unrelated questions or requests.
  • Please be sure to include the title and location of the open position youre interested in when you leave a message.

US Applicants: Morningstar is an E-Verify program participant.

Learn more:

  • This Organization Participates in E-Verify (English) -
  • This Organization Participates in E-Verify (Spanish) -
  • Right to Work (English) -
  • Right to Work (Spanish) -
  • EEO is the Law:
  • Pay Transparency Notice:

Morningstar is strongly committed to creating and preserving equal opportunity for all employees and applicants. We make all employment decisionsincluding recruitment, hiring, compensation, training, promotion, transfer, discipline, termination, and other personnel matterswithout regard to race, color, ancestry, religion, sex, national origin, age, disability, protected veteran status, marital status, sexual orientation, genetic information, citizenship, gender identity and expression, parental status, or other legally protected characteristics or conduct.