Manager of Information Security

Morningstar Inc

Hybrid

Quick summary

Work type: Hybrid
Location: Chicago, Illinois; Toronto, Canada
Salary: $147,550–$147,550 / yr
Posted: 28 days ago

Market check

Salary context

Below market

How this pay compares to similar roles

[Chart: this role at about $148k against about $186k for similar roles, on a scale from $127k to $230k, with a shaded band marking where most similar roles pay]

This role pays less than 80% of similar roles. Most pay $151,475–$219,844 — the shaded band above. At the midpoint, this role pays about $148k versus about $186k for comparable roles.

Based on 240 similar postings.

Employer

About Morningstar Inc

Morningstar, Inc. is a leading financial services firm providing independent investment research, data, and management services to individuals, advisors, and institutions.

Morningstar Inc currently has 15 open roles on FindRole.

Listed pay typically runs $114,100–$167,350 across 15 roles with salary data.


At a glance

TL;DR · Manager of Information Security

The IT Compliance Manager role within Morningstar’s Information Security department requires a seasoned professional to lead and manage the compliance team, ensuring adherence to enterprise security policies and standards. This individual will oversee compliance with regulations like SOX, SOC2, and PCI, execute audit tests, and document exceptions while managing periodic reviews of security policies. Key responsibilities include leading third-party risk management, conducting contract reviews, and collaborating with internal and external auditors. The ideal candidate has 5+ years of experience in a risk or IT auditor role, strong leadership skills for cross-functional teams, and expertise in compliance standards such as SOX, SOC2, PCI-DSS, GDPR, SEC, NIST, ISO, and COBIT. They must excel at multitasking, communication, and strategic planning to drive the information security compliance program effectively.

What you'll do

  • Lead and manage Morningstar’s compliance efforts for SOX, SOC2, PCI.
  • Monitor and enforce adherence to information security policies and standards.
  • Execute audit tests and identify areas for improving IT operations efficiency.
  • Manage periodic reviews of security policies, processes, and procedures.
  • Lead the third-party risk management program and conduct contract reviews.
  • Plan and drive strategic information security compliance programs for Morningstar.

What we're looking for

  • 5+ years of experience in risk, compliance, or IT audit roles.
  • Bachelor’s degree required; relevant security certifications preferred (CISSP, CISM).
  • Strong leadership and team development skills with cross-functional/global team management.
  • Excellent communication skills and familiarity with common compliance standards (SOX, SOC2).
  • Demonstrated knowledge of governance frameworks and risk management processes (NIST, ISO).

More like this

Similar roles

Information Systems Security Manager

Leidos

Arlington, Virginia · 61 days ago · $107,900–$195,050
RMF NIST DISA DoD STIGs JSIG eMASS DRAM ACAS Splunk CI/CD Terraform AWS Kubernetes Python PostgreSQL Git Jenkins Ansible Docker

Information Systems Security Manager

Booz Allen Hamilton

Warren, MI · 21 days ago · $86,900–$198,000
NIST RMF GRC security documentation tool eMASS STIGs SCAP ACAS Ports Protocols and Services Matrix VRAM Host-Based Security System MICROSOFT OFFICE CI/CD

Information Systems Security Manager

Anduril Industries

Costa Mesa, CA · 13 days ago · $146,000–$194,000
IDS/IPS Encryption protocols Kubernetes Software Composition Analysis (SCA) DoD cybersecurity standards Authorization and Accreditation (A&A) Incident response Security risk assessments Vulnerability assessments Audit Cloud Service Providers (CSPs) Micro-services architecture Containerization Secure communications technologies Information Technology Risk Management Framework

Information Systems Security Manager

Anduril Industries

Washington, DC · 13 days ago · $146,000–$194,000
IDS/IPS Encryption protocols Kubernetes Software Composition Analysis (SCA) DoD cybersecurity standards Authorization and Accreditation (A&A) Incident response Security risk assessments Vulnerability assessments Audit Cloud Service Providers (CSPs) Micro-services architecture Containerization Secure communications technologies Information Technology Risk Management Framework

Information Systems Security Manager

Booz Allen Hamilton

Arlington, VA +1 · 5 days ago · $86,800–$198,000
NIST RMF GRC security documentation tool DoD RMF process DoD A&A processes eMASS STIGs SCAP ACAS CISSP CISM CASP+ CompTIA Security+ TS/SCI clearance

Manager - Business Information Security Officers

nCino

Us, North Carolina · 27 days ago · $121,900–$213,300
SOC 2 ISO 27001 PCI DSS CSA STAR NIST AI RMF cloud security SaaS multi-tenant environment secure SDLC vulnerability management application security CI/CD AI tools dashboards reports