The Area:
The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.
The Role:
The Information Security Engineer is responsible for helping secure Morningstar systems and maintain security monitoring solutions in partnership with our 24x7 SOC team. This individual will assist in maintaining Morningstar’s security posture by managing security solutions including Splunk, password vaulting, web filtering, antivirus, and vulnerability management. They will assist with penetration testing and security architecture reviews. They will be responsible for detection engineering and security orchestration.
This position is based in our Chicago office. We follow a hybrid policy of 3 days onsite and 2 days remote work.
Responsibilities:
- Automate and integrate security tools and activities
- Understand and help execute information security program goals
- Create and tune security alerts from key information security dashboards (IDS, antivirus, centralized logging, etc)
- Able to assist with malware investigation
- Provide security remediation advice and training to technical personnel
- Develop and enhance internal security processes, programs and procedures
- Conduct risk assessments, threat modeling, privacy assessments and information security reviews on internal Morningstar systems, applications and platforms
- Identify network and middleware security vulnerabilities, understand risk, and offer resolution advice
- Work directly with internal business units to communicate risk and help resolve open vulnerabilities
- Defining cloud security policies, procedures, solutions
Requirements:
- We’re looking for someone who enjoys solving puzzles, diagnosing problems, and building solutions
- Excellent communication skills and an understanding of network security fundamentals.
- Candidates should be interested in keeping up with the latest security trends, as well as enjoy performing architecture reviews and penetration test activities
- Experience with network security tools, network traffic analyzers, NMap, Rapid7 and PaloAlto
- An understanding of PowerShell, Python, Perl, and other scripting languages is preferred
- Splunk experience is preferred
001_MstarInc Morningstar Inc. Legal Entity
Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We’ve found that we’re at our best when we’re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.
_MstarEurLtd Morningstar Europe Ltd (UK) Legal Entity
Morningstar is a global investment research company.
Other jobs at _MstarEurLtd Morningstar Europe Ltd (UK) Legal Entity
Why OmniJobs?
- Rare & hidden jobs
- New jobs every day
- No expired job posts
- All jobs in English
Receive emails about similar jobs
Get alerts to your inbox about new open jobs that are similar to this one.
No spam. No ads. Unsubscribe anytime.
Similar jobs