Senior IT Risk and Compliance
MorningstarToronto, Ontario, Canada
Posted March 19, 2026
90000 - 132711 USD
Full Time
About the Company
Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week.
Job Description
The Information Security Team is looking for a Senior Analyst Third-Party Vendor Risk Analyst to join the IT Compliance Team. The Senior Third-Party Vendor Risk Analyst will help shape the Information Security Team’s third party vendor risk management program.
Requirements
- A bachelor’s degree and 5+ years’ experience include 3+ in a vendor risk related role
- Experience serving as the subject matter expert for security vendor due diligence
- Experience performing contract review of security terms
- Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etc.)
- Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts
- Strong organizational skills and the ability to multitask and switch priorities with short notice
- Strong business analysis, research and analytical skills
- Excellent communication skills
Benefits
- hybrid work environment
- four days in-office each week
- range of other benefits to enhance flexibility
