Senior Privacy Analyst
‎‎în urmă cu 1 oră

About the Role

  • We are looking for new colleagues to join our newly founded Global Security, Privacy, and Resilience Services team.
  • The goal of the team is to support the entire global Morningstar business, break down silos between the different functional areas, and improve customer service for internal stakeholders.
  • While the role will cover several domains like Privacy, Compliance, Governance, Resilience (Business Continuity, IT Disaster Recovery), experience in all these areas is not required.
  • The successful candidate will have knowledge and hands-on experience in a minimum of 2 of the above domains.

    Job Responsibilities

  • Respond to customer RFP’s, RFI’s, Resilience, Privacy, and Security questionnaires.
  • Collect and analyze security metrics related to risk and compliance for presentation to senior management.
  • Support Third Party Vendor Reviews for potential Security, Resilience, and Privacy risks.
  • Work and communicate with broad range of global employees and provide support for any interactions with the Security, Privacy, and Resilience teams.
  • Work with business units and product teams to assist in completing Location Risk Assessments and IT Disaster Recovery Plans.
  • Support Morningstar’s compliance related responsibilities (SOX, SOC2, PCI-DSS, SEC) by managing collection of audit evidence.
  • Assist with documenting and regularly reviewing security, processes, and procedures.
  • Training and Awareness support training and awareness programs
  • Advise business partners, on policies and standards.
  • Perform analysis on potential incidents submitted through the ticketing system to determine potential severity and if escalation is appropriate.
  • Respond to daily operational tickets following defined SOPs.
  • Track vulnerability tickets to closure, providing guidance, and escalation where necessary.
  • Qualifications

  • A bachelor’s degree in computer science or related field.
  • Strong communication skills.
  • Verbal and written English skills at a professional level.
  • Strong organizational skills and the ability to multitask and switch priorities with short notice.
  • Familiarity with security and resilience frameworks (ISO 27001, ISO 22301, NIST, etc.) and general security and resilience concepts.
  • Familiarity with IT audits and risk assessments.
  • Understanding of enterprise-scale infrastructure, technologies, and applications, both on-premises and in the public cloud.
  • Strong business analysis, research, and analytical skills.
  • Enthusiasm to learn and gain hands-on experience across different domains.
  • Nice to have

    Any of the skills below.

  • Previous experience in information security (1+ years).
  • Knowledge of public cloud technologies and principles, specifically AWS.
  • Previous experience in Resilience, including Risk Assessments, Business Impact Analysis, Business Continuity and IT Disaster Recovery planning and testing (1+ years).
  • Previous experience in Data Privacy (documenting privacy policies, processes and procedure, Data privacy impact assessments, assessment of 3rd party risks, etc. (1+ years).
  • A certification in a relevant domain is a plus.
  • LI-SM1

    315 Sustainalytics SRL Legal Entity

    Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.