Role The Information Security Team is looking for a Lead IT Compliance Analyst to join the IT Compliance Team. The Lead IT Compliance Analyst will help support Morningstar Information Security’s compliance responsibilities around regulatory compliance and PCI DSS. This individual will help Morningstar meet current and future compliance obligations, assist in identifying and following up on information security findings, gather evidence required for internal and external regulatory audits. Responsibilities Lead the Information Security Team’s efforts in the field of regulatory compliance and serve as the internal Subject Matter Expert (SME) for regulatory compliance assessments. Oversee and guide efforts to ensure the information security program’s compliance with regulatory standards and guidelines issued by the SEC, ESMA, and other applicable regulators. Serve as the main point of contact for information security regulatory compliance, facilitating communication between compliance teams and other internal stakeholders. Collaborate with relevant teams to remediate gaps and deficiencies identified during regulatory gap assessments or audits. Communicate compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers, seniors, and leaders. Lead PCI DSS compliance efforts, ensuring that all relevant systems and processes meet or exceed the required standards. Collaborate with cross-functional teams to identify, implement, and monitor controls to maintain PCI DSS compliance. Lead the internal control assessments run by the team, including conducting assessments, identifying efficiency improvements, and proposing enhancements to strengthen the internal control monitoring program. Requirements A bachelor’s degree and 5+ years’ experience in an IT Compliance position. Experience conducting PCI-DSS assessments. Ability to conduct internal regulatory audit readiness assessments. Familiarity with regulatory frameworks and guidelines issued by SEC and ESMA. Strong interpersonal skills to interact with compliance personnel, senior leadership, and other team members. Excellent oral and written communication skills. Strong organizational skills to prioritize work and balance multiple projects. Ability to work independently and as part of a broader team. Nice To Have Experience working in a legal or regulatory compliance role. Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We’ve found that we’re at our best when we’re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues. 100_MstarResCanad Morningstar Research, Inc. (Canada) Legal Entity How to Apply for a Job at Morningstar Step 1 When you find a position you're interested in, click the 'Apply' button. Please fill out this form completely, attaching your resume and cover letter in the approved format. Read the job requirements carefully and make sure to attach writing or design samples as required. Applicants must submit their resume and other information through our corporate website to be considered for a job at Morningstar. No phone calls, please. Step 2 You will receive an email notification to confirm that we've received your application. Step 3 If you are called in for an interview, a representative from Morningstar will contact you to set up a date, time, and location. Be prepared for a rigorous interview process. To make sure you're a good fit for Morningstar and we're a good fit for you, we'll schedule time for you to meet with multiple staff members at all levels of the company. Expect to return for multiple interviews as part of the process. A representative from Morningstar will contact you with the results of your interview—either with a job offer or to let you know our plans for the position. Applicants With Disabilities Who Need Accommodation Morningstar is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call +1 312 384-3900 or email AskHR@morningstar.com and let us know the nature of your request and your contact information. Please note: We only accept calls from applicants who need accommodation related to a disability. Please, no calls with unrelated questions or requests. Please be sure to include the title and location of the open position you’re interested in when you leave a message. US Applicants: Morningstar is an E-Verify program participant. Learn more: This Organization Participates in E-Verify (English) - https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster.pdf This Organization Participates in E-Verify (Spanish) - https://e-verify.uscis.gov/web/media/resourcesContents/E-Verify_Participation_Poster_ES.pdf Right to Work (English) - https://www.uscis.gov/sites/default/files/USCIS/Verification/E-Verify/E-Verify_Native_Documents/OSC_Right_to_Work_Poster.pdf Right to Work (Spanish) - https://www.uscis.gov/sites/default/files/USCIS/Verification/E-Verify/E-Verify_Native_Documents/OSC_Right_to_Work_Poster_ES.pdf EEO is the Law: https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf Pay Transparency Notice: https://www.dol.gov/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf Morningstar is strongly committed to creating and preserving equal opportunity for all employees and applicants. We make all employment decisions—including recruitment, hiring, compensation, training, promotion, transfer, discipline, termination, and other personnel matters—without regard to race, color, ancestry, religion, sex, national origin, age, disability, protected veteran status, marital status, sexual orientation, genetic information, citizenship, gender identity and expression, parental status, or other legally protected characteristics or conduct.
