Role
The Information Security Team is looking for a Lead IT Compliance Analyst to join the IT Compliance Team. The Lead IT Compliance Analyst will help support Morningstar Information Security’s compliance responsibilities around regulatory compliance and PCI DSS. This individual will help Morningstar meet current and future compliance obligations, assist in identifying and following up on information security findings, gather evidence required for internal and external regulatory audits.
This position is based in our Toronto office. We follow a hybrid policy of at least 4 days onsite.
Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.
Responsibilities
Lead the Information Security Team’s efforts in the field of regulatory compliance andserve as the internal
Subject Matter Expert (SME) for regulatory compliance assessments.
Oversee and guide efforts to ensure the information security program’s compliance with regulatory standards and guidelines issued by the SEC, ESMA,and other applicable regulators.
Serve as the main point of contact forinformation security regulatory compliance, facilitating communication between compliance teams and other internal stakeholders.
Collaborate with relevant teams to remediate gaps and deficiencies identified during regulatory gap assessments or audits.
Communicate compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers, seniors, and leaders.
Lead PCI DSS compliance efforts, ensuring that all relevant systems and processes meet or exceed the required standards.
Collaborate with cross-functional teams to identify, implement, and monitor controls to maintain PCI DSS compliance.
Lead the internal control assessments run by the team, including conducting assessments, identifyingefficiency improvements, and proposing enhancements to strengthen the internal control monitoring program.
Requirements
A bachelor’s degree and 5+ years’ experience in an IT Compliance position.
Experienceconducting PCI-DSS assessments.
Ability to conduct internal regulatory audit readiness assessments.
Familiarity withregulatory frameworks and guidelines issued by SEC andESMA.
Strong interpersonal skills to interact with compliance personnel, senior leadership, and other team members.
Excellent oral and written communication skills.
Strong organizational skills to prioritize work and balance multiple projects.
Ability to work independently and as part of a broader team.
Nice To Have
Experience working in a legal or regulatory compliance role.
Base Salary Compensation Range
$90,.00Incentive Target Percentage
12.5% AnnualMorningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.
Morningstar Research, Inc. (Canada) Legal Entity
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: