Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Information Security Engineer

Expired Job

Morningstar Chicago , IL 60602

Posted 2 months ago

The Area: The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information.

The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role:

The Information Security Engineer will evaluate Morningstar infrastructure and internally developed applications to identify vulnerabilities and potential short- and long-term solutions. This individual will assist in maintaining Morningstars security posture by managing security solutions including Splunk, identity and access management, web filtering, EDR, antivirus, endpoint encryption, and threat analytics. They will assist with penetration testing and security architecture reviews.

They will be responsible for monitoring and responding to critical security events. This position is based in our Chicago office. Responsibilities + Automate and integrate security tools and activities + Perform daily security operations activities + Examine and operationalize new adversary detection methods to defend Morningstar + Prioritizes events using existing tools to correlate data for the purposed of reducing false positives and detecting threat + Builds written threat reports to disclose findings and recommendation to remediate the vulnerability and/or threat + Assess the security impact of security alerts and traffic anomalies to identify malicious actions in order to escalate up to senior members of the team + Identify network and middleware security vulnerabilities and offer resolution advice + Conduct risk assessments, threat modeling, privacy assessments and information security reviews on internal Morningstar systems, applications and platforms + Work directly with internal business units to communicate risk and help resolve open vulnerabilities + Understand and help execute information security program goals + Monitor and manage security alerts from key information security dashboards (IDS, antivirus, centralized logging, etc) + Perform malware investigation

  • Manage Web Application Firewalls + Provide security remediation advice and training to technical personnel + Develop and enhance internal security processes, programs and procedures + Review / audit firewall changes + Coordinate remediation activities with IT operations teams Requirements + A bachelors degree and 2+ years experience in the information security field + Were looking for someone who enjoys solving puzzles and diagnosing problems + Excellent communication skills and an understanding of network security fundamentals.

  • Candidates should be interested in keeping up with the latest security trends, as well as enjoy performing code / architecture reviews and penetration test activities + Experience with network security tools, network traffic analyzers, NMap, Rapid7 and Palo Alto Preferred + A strong understanding of PowerShell, Python, Perl, and other scripting languages is preferred + Relevant security certifications (SSCP, CEH, GCIH or equivalent certification is preferred) + Threat intelligence experience + Threat hunting experience + Splunk experience + Public Cloud (AWS, Google, Azure) experience Morningstar is an equal opportunity employer. 001_MstarInc Morningstar Inc. Legal Entity

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Engineer

Bank Of America Corporation

Posted 2 weeks ago

VIEW JOBS 12/4/2018 12:00:00 AM 2019-03-04T00:00 Job Description: Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team. The Cyber Security Technology (CST) function within Global Information Security is responsible for innovation and architecture, engineering, solutions and capabilities development, deployment maintenance and support of information technology security controls. The CST team is also responsible for the management of the program/project management teams. The Information Security Engineer is responsible for helping to define, drive, and deliver major components of Bank of America's security strategy. You will work with the Program leader on complex, multi-million dollar projects that deliver world-class User/Data Protection controls in support of strategy. Knowledge and experience with information security controls, infrastructure and implementation techniques is a key component to this role. You will demonstrate extraordinary organizational and cross-functional communication skills to drive data loss prevention best practices across the Enterprise. In this role, you will partner with Global Information Security (GIS) senior leaders to assist with defining the strategy and roadmaps for technology products, service standards, and governance routines that impact the global Corporation. You will be partnering with leadership across the Bank to design controls, governance routines, and service alternatives that improve the firm's defenses against Insider risks. You may direct multiple major technology teams within Global Technology that research, engineer, test, implement, communicate, monitor, and maintain solutions supporting the Bank's information security policies and/or procedures. You will utilize your in-depth knowledge and business requirements to design and engineer secure solutions to meet customer/client needs, or to address critical audit findings while protecting the Bank's data assets. Required Skills: * Deep experience with Insider Threat as a focus area within Information Security * Knowledge of User and Entity Behavior Analytics and associated technologies * Familiarity Unstructured Data inspection technology * Experience and hands on knowledge with Data Loss Prevention security controls * Experience Web Proxy controls * Experience with Microsoft Office suite including MS Project and Visio * Ability to navigate and work effectively across a complex, geographically dispersed organization * Exceptional communication and customer relationship skills * Ability to build consensus and cooperation as well as to influence, interact and negotiate with senior leadership in the organization * Knowledge of change and project management methodologies and principles and the ability to integrate them into project design * Broad knowledge of Information Security technologies, techniques and processes * Familiarity with Six Sigma tools and vocabulary * Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, issue resolution, and project resource identification * Demonstrable ability to self-direct project outcomes, with minimal supervision to achieve program goals * Excellent process design capability to improve overall efficiency, mitigate resource conflicts, and improve customer/client experience Posting Date: 12/04/2018 Location: Chicago, IL, 135 S LA SALLE ST (IL4135), - United States Travel: No Full / Part-time: Full time Hours Per Week: 40 Shift: 1st shift Bank Of America Corporation Chicago IL

Information Security Engineer

Expired Job

Morningstar