Community

Home >

Jobs >

Senior IT Risk and Compliance Analyst

Bucharest, Romania (Hybrid)

Senior IT Risk and Compliance Analyst

2 Months ago • 4 Years + • Cyber Security

About the job

4 skills required for this role

Test your skills to join the top 1% applicants for this job

communication

organisational

business-analysis

organisational-skills

Job Description

Morningstar seeks a Senior IT Risk and Compliance Analyst to support compliance obligations (SOX, SOC2, PCI-DSS, SEC). You'll gather evidence for audits, monitor compliance, identify security findings, and liaise with third-party auditors. 4+ years' experience in risk & compliance or IT auditing with proven expertise in SOX, SOC2, PCI-DSS, GDPR, and IT audits is essential.

Must have:

Compliance Standards
IT Auditing
Risk & Compliance
Security Frameworks

Good to have:

Customer Facing
Business Analysis
Security Policies
Audit Tests

Perks:

Hybrid Work
Global Colleagues

Not hearing back from companies?

Unlock the secrets to a successful job application and accelerate your journey to your next opportunity.

Role:

The Senior IT Risk and Compliance Analyst will assist in supporting Morningstar’s compliance related responsibilities. This individual will help current and future compliance obligations are met, assist in identifying and following up on information security findings, gather evidence required for internal and external audits, and provide level 2 support for analysts responding customer RFPs and due diligence questionnaires.

Location: Bucharest, Romania

Responsibilities:

Assist in supporting Morningstar’s current and future compliance related responsibilities (SOX, SOC2, PCI-DSS, SEC, etc.)

Gather evidence required for internal and external audits

Monitor and enforce compliance to information security and compliance policies and standards

Assist with documenting and regularly reviewing security policies, processes and procedure

Execute audit tests; identify issues and areas for improvement in security policy compliance

Identify and follow up on information security findings to ensure they are properly remediated

Liaise with third party audit personnel as required

Requirements

A bachelor’s degree and 4+ years’ experience in a risk and compliance or I.T. auditor role

Familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR etc.) and experience working directly with internal or external auditors for at least one of the listed standards

1+ years experience in a customer facing role directly responding to customer information security and compliance concerns

Familiarity with IT audits and risk assessments

Familiarity with security frameworks (ISO 27001, NIST, etc.) and general security concepts

Strong organizational skills and the ability to multitask and switch priorities with short notice

Strong business analysis, research and analytical skills

Excellent communication skills

Availability to work off business hours as required

315_Sustainalytics SRL Legal Entity

Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We’ve found that we’re at our best when we’re purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.

View Full Job Description

Upload your resume, increase your shortlisting chances by 80%