Senior IT Risk and Compliance Analyst
Bucharest
Morningstar
Our independent research, ratings, and tools are helping people across the investing ecosystem write their own financial futures.Role:
The Senior IT Risk and Compliance Analyst will assist in supporting Morningstar’s compliance related responsibilities. This individual will help current and future compliance obligations are met, assist in identifying and following up on information security findings, gather evidence required for internal and external audits, and provide level 2 support for analysts responding customer RFPs and due diligence questionnaires.
Location: Bucharest, Romania
Responsibilities:
- Assist in supporting Morningstar’s current and future compliance related responsibilities (SOX, SOC2, PCI-DSS, SEC, etc.)
- Gather evidence required for internal and external audits
- Monitor and enforce compliance to information security and compliance policies and standards
- Assist with documenting and regularly reviewing security policies, processes and procedure
- Execute audit tests; identify issues and areas for improvement in security policy compliance
- Identify and follow up on information security findings to ensure they are properly remediated
- Liaise with third party audit personnel as required
Requirements
- A bachelor’s degree and 4+ years’ experience in a risk and compliance or I.T. auditor role
- Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etc.) and experience working directly with internal or external auditors for at least one of the listed standards
- 1+ years experience in a customer facing role directly responding to customer information security and compliance concerns
- Familiarity with IT audits and risk assessments
- Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts
- Strong organizational skills and the ability to multitask and switch priorities with short notice
- Strong business analysis, research and analytical skills
- Excellent communication skills
- Availability to work off business hours as required
315_Sustainalytics SRL Legal Entity
Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We’ve found that we’re at our best when we’re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Compliance GDPR ISO 27001 NIST Risk assessment SOC 2 SOX
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.