Return to jobs
Join Morningstar as an IT Risk and Compliance Analyst and contribute to safeguarding the company's information assets.
Overview
Salary
No salary declared 😔
Location
Bucharest, Romania - Hybrid
Nomad Friendly?
Expires
Expires at anytime
Morningstar is a global company dedicated to ensuring the security of its information assets. They provide exhaustive guidance on issues such as application security, disaster recovery, compliance and regulation, and more. The opportunity in hand is for the role of an IT Risk and Compliance Analyst, where you'll support the company's compliance responsibilities, document security processes, adhere to compliance obligations like SOX, SOC2, PCI-DSS, SEC, and more.
Role Summary:
- Supporting Morningstar’s compliance responsibilities
- Documenting security processes and procedures
- Identifying and following up on security findings
- Helping gathering evidence for audits
Role Requirements:
- A bachelor’s degree with at least 2 years of experience in risk and compliance or an IT auditor role
- Familiarity with compliance standards and security frameworks like SOX, SOC2, PCI-DSS, GDPR, ISO 27001, NIST
- Knowledge of IT audits, risk assessments, and security concepts with strong organizational, analytical and communication skills
- Availability to work outside regular business hours
Application Process Details:
- Morningstar offers a hybrid work environment, with flexibility as needs change
- Reasonable accommodations are available for applicants with disabilities
The organisation: Morningstar, through its Information Security department, is dedicated to safeguarding the confidentiality, integrity, and availability of its information assets. The security team provides expert guidance on application security, policies, procedures, disaster recovery, and compliance/regulation. They analyze emerging security threats and conduct risk and vulnerability assessments to ensure the security of the company's information.
The role: We are seeking an IT Risk and Compliance Analyst to join our IT Compliance Team. This individual will support Morningstar’s compliance responsibilities, helping to document security processes and procedures, ensuring adherence to current and future compliance obligations such as SOX, SOC2, PCI-DSS, SEC, etc. The analyst will assist in identifying and following up on security findings, gathering evidence for audits, conducting third-party vendor risk assessments, and responding to customer RFPs and due diligence questionnaires.
Job requirements: Candidates should have a bachelor’s degree and at least 2 years of experience in risk and compliance or an IT auditor role. Familiarity with compliance standards like SOX, SOC2, PCI-DSS, GDPR, and security frameworks such as ISO 27001 and NIST is essential. The role requires knowledge of IT audits, risk assessments, and security concepts. Strong organizational, analytical, and communication skills are necessary, along with experience reviewing SOC 2 reports. Availability to work outside regular business hours may be required.
Benefits and additional info: Morningstar offers a hybrid work environment, allowing employees to work remotely with in-person collaboration at least three days a week. The company provides tools and resources to facilitate engagement with global colleagues. Additional benefits are available to support flexibility as needs change. The company is committed to providing reasonable accommodations for applicants with disabilities and offers contact information for accommodation requests. Applicants from various regions can reach out via provided contact details. Morningstar participates in the E-Verify program.
