×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Information Security Cybersecurity Data Security IT Consultant

Senior IT Risk and Compliance Analyst

Job in Chicago, Cook County, Illinois, 60290, USA
Listing for: Morningstar Credit Ratings, LLC
Full Time position
Listed on 2026-06-02
Job specializations:
  • IT/Tech
    Information Security, Cybersecurity, Data Security, IT Consultant
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

The Group:
The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.

Role

The Information Security Team is looking for a Senior Analyst Third-Party Vendor Risk Analyst to join the IT Compliance Team. The Senior Third-Party Vendor Risk Analyst will help shape the Information Security Team’s third party vendor risk management program. This individual will serve as a subject matter expert for third party vendor risk management, perform vendor risk assessments, propose updates to expand the program’s capabilities, increase participation in the program and drive process improvements.

This position is based in either our Chicago or Toronto office.

Responsibilities
  • Partner with the business to execute vendor risk assessments
  • Monitor internal SLAs to ensure we provide timely service to our internal stakeholders
  • Serve as a subject matter expert for security vendor risk management
  • Collaborate with the procurement department and other internal stakeholders to improve and expand the vendor risk management program
  • Review third party security documents (SOC2, security policies, data flow diagrams, etc.)
  • Perform contract reviews of proposed changes to security requirements in our third party contracts
  • Liaise with third party vendors as required
Requirements
  • A bachelor’s degree and 5+ years’ experience, including 3+ in a vendor risk related role
  • Experience serving as the subject matter expert for security vendor due diligence
  • Experience performing contract review of security terms
  • Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR, etc.)
  • Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts
  • Strong organizational skills and the ability to multitask and switch priorities with short notice
  • Strong business analysis, research and analytical skills
  • Excellent communication skills
Compensation and Benefits
  • Financial Health: 100% 401k match up to 6% of salary
  • Stock Ownership Potential
  • Company provided life insurance - 1x salary + commission
  • Physical Health:
    Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages
  • Additional medical Wellness

    Incentives:

    up to $300-$600 annual
  • Company-provided long- and short-term disability insurance
  • Emotional Health:
    Trust-Based Time Off
  • 6-week Paid Sabbatical Program
  • 6-Week Paid Family Caregiving Leave
  • Competitive 8-24 Week Paid Parental Leave
  • Adoption Assistance
  • Leadership Coaching & Formal Mentorship Opportunities
  • Annual Flex Stipend: $1000 annually to cover personal education & well-being expenses
  • Tuition Reimbursement
  • Social Health:
    Charitable Matching Gifts program
  • Dollars for Doers volunteer program
  • Paid volunteering days: 15+
  • Employee Resource & Affinity Groups
  • Total Cash Compensation Range: $- (Inclusive of annual base salary and target incentive)

Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change.

EEO Statement

Morningstar is strongly committed to creating and preserving equal opportunity for all employees and applicants. We make all employment decisions—including recruitment, hiring, compensation, training, promotion, transfer, discipline, termination, and other personnel matters—without regard to race, color, ancestry, religion, sex, national origin, age, disability, protected veteran status, marital status, sexual orientation, genetic information, citizenship, gender identity and expression, parental status, or other legally protected characteristics or conduct.

#J-18808-Ljbffr
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search