Job Description

About the role

The Area: The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.

The Role

The Lead Information Security Engineer will evaluate Morningstar infrastructure and internally developed applications to identify vulnerabilities and potential short- and long-term solutions. This individual will assist in maintaining Morningstar\xe2\x80\x99s security posture by managing security solutions including logging, web filtering, antivirus/EDR, cloud and vulnerability posture management, and security orchestration/automation. They will assist with penetration testing and security architecture reviews. They will be responsible for defining monitoring and response procedures for the SOC. This role will also be responsible for leading security training sessions at both a technical and end-user level. This position is based in our Chicago office.

Job responsibilities:

• Collaborate with the Security Operations Center to develop, test, tune and deploy detections
• Define SOPs for security alert triage activities
• Manage and tune security technologies (SIEM, SOAR, IDS/IPS, EDR)
• Collaborate with other Security Engineers to develop, test, and deploy fully automated and manually executed processes (SOAR)
• Collaborate across all areas of the business (IT Infrastructure, product development, employee productivity, etc) to understand and protect our global technology footprint
• Willingness to be available outside of normal business hours when required

Qualifications:

• We\xe2\x80\x99re looking for someone who enjoys solving puzzles, and diagnosing problems
• 5+ years in security engineering
• Bachelor\'s degree
• Experience with SIEM and centralized logging tools
• Experience with log analysis
• Experience with scripting languages (Python and Powershell preferable)
• Strong fundamental knowledge of Windows and Linux OSs, networking, and Cloud Computing
• Excellent verbal and written skills to document and communicate technical details to technical and non-technical parties

Nice to have:

• Technical security certifications are preferred but not required (CISSP, GCIH, CEH, etc)

Morningstar\xe2\x80\x99s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We\xe2\x80\x99ve found that we\xe2\x80\x99re at our best when we\xe2\x80\x99re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you\xe2\x80\x99ll have tools and resources to engage meaningfully with your global colleagues.

Morningstar