Application Security Architect
Bucharest, RO
2 zile în urmă

ABOUT SUSTAINALYTICS a Morningstar company

Sustainalytics a Morningstar company has been a leading independent provider of Environmental, Social and Governance (ESG) research for the last 25 years.

Our insights are used by clients to make better informed investment decisions, engage with companies in relation to their business activities and drive change.

Sustainalytics is a growing organization with 800 employees and 17 offices globally. In 2020, Sustainalytics has joined Morningstar, a leading provider of independent investment research.

We have a flexible and supportive working culture and empower our employees to progress and develop quickly in an entrepreneurial environment.

Under COVID-19 circumstances, all Sustainalytics employees are now working from home. More than ever, ESG factors are critical to building a more ethical and sustainable global economy.

Our teams need passionate colleagues to join us in delivering quality research products to our clients worldwide.

Our recruitment and selection process is continuing via phone or video meetings. New team members are onboarded and start their first day with the company from the safety of their homes.

We rely on virtual team meetings and management practices, as well as a remote buddy program, to support a smooth integration in our virtual offices.


The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity, and availability of Morningstar information.

The security team offers guidance and technical expertise in areas like application security, infrastructure and cloud security, policies and procedures, disaster recovery and compliance / regulation.

We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.


  • Collaborate with development teams and security champions across the organization to architect secure products
  • Contribute to secure reference architectures and patterns for all product teams to leverage
  • Develop, maintain, and communicate future and current security architecture strategies and models
  • Develop and enhance internal security processes, programs, and procedures
  • Conduct risk assessments, threat modeling and information security reviews on Morningstar systems, applications, and platforms
  • Work directly with internal business units to communicate risk, provide security remediation advice, and deliver training as needed.
  • Document secure coding guidelines and run training programs to assist internal development personnel
  • Identify web application security vulnerabilities and offer remediation advice

  • A bachelor’s degree and 5+ years’ experience in a development or software security / penetration testing role, or equivalent experience
  • We are looking for someone who enjoys breaking code, solving puzzles, and diagnosing problems
  • Excellent communication skills and a strong understanding of software development, architecture, and application security
  • A strong understanding of security best practices in Java, JavaScript (and supporting frameworks), .NET, and Python programming languages
  • Experience architecting and deploying applications securely in cloud environments
  • Strong understanding of common authentication models and protocols (SAML, OAuth, OpenID, etc.) preferred
  • Prior development experience preferred
  • Splunk experience preferred
  • Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.