Morningstar, Inc.
Cloud Security Engineer
Morningstar, Inc., Chicago, Illinois, United States, 60290
About the RoleAs a Cloud Security Engineer on the Cloud Services team, you will be supporting the creation/communication of our cloud security best practices across all product teams at Morningstar. The responsibility of the role is to support the information security roadmap and contribute to the delivery of secure systems, technical projects, and regulatory and risk requirements. This includes infosec framework, engineering new technologies, program optimization, vulnerability remediation, metrics reporting, performance analysis, and mitigating operational risk. The role is required to support complex project work efforts, perform advanced analyses, make near real-time decisions, collaborate with project/business/audit teams, issue documentation/reports, investigate cases or design solutions, adhere to architecture guides, engineer solutions to advance the infosec roadmap, remediate risk, offer solutions to teams, and coordinate implementing the solutions or apply standards/audits requirements to ensure security infrastructure and solutions/technologies implementation comply.This position is based in our Chicago office.
We follow a hybrid policy of 3 days onsite and 2 days remote work.Job Responsibilities:Security reviews for new products, technologies, and servicesSecure design, architecture, and implementationInfluence decision-makers and stakeholders to achieve a consistently high security barCreate security guidance and documentationAid in security projects (including security reviews, tool development, and creation of new security practicesDevelop security tools and automationDevelop and deliver security training and outreach to internal development teamsQualifications:Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experienceMinimum of 3 years of professional experience with any combination of at least 2 technical disciplines, including the following: cloud engineering, cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineeringStrong foundational knowledge across AWS, Microsoft Azure, and/or Google Cloud technology stackStandardizing Azure/GCP and/or AWS Security Best practices, processes, and proceduresBuilding and operating automated security operationsExperience implementing AWS, Azure, and/or GCP via Infrastructure-as-CodeExperience scripting (i.e. Python, Bash, PowerShell, etc.)Designing and advising against security requirements to support cloud migration effortsStrong knowledge of industry trends in security technology.Strong debugging and critical thinking skills.Solid communication and documentation skills.Nice to Have:Experience with CI/CD - deployment pipelines, automated build and configuration tools, infrastructure-as-code (such as Harness, Cloudbees, Terraform, CDK, ARM)Networking and infrastructure skills.Experience working with WizPassion for staying current on trends and best practices in cloud/information security001_MstarInc Morningstar Inc. Legal Entity Morningstar's hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We've found that we're at our best when we're purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.
#J-18808-Ljbffr
We follow a hybrid policy of 3 days onsite and 2 days remote work.Job Responsibilities:Security reviews for new products, technologies, and servicesSecure design, architecture, and implementationInfluence decision-makers and stakeholders to achieve a consistently high security barCreate security guidance and documentationAid in security projects (including security reviews, tool development, and creation of new security practicesDevelop security tools and automationDevelop and deliver security training and outreach to internal development teamsQualifications:Bachelor (undergraduate) degree in a relevant field (Computer Science, Software Engineer, Security, or others) OR an equivalent combination of education, training, and experienceMinimum of 3 years of professional experience with any combination of at least 2 technical disciplines, including the following: cloud engineering, cloud security, network security, application security, mobile security, secure development methodologies, software development and coding, identity management, authentication and authorization, network architecture, system administration, and systems engineeringStrong foundational knowledge across AWS, Microsoft Azure, and/or Google Cloud technology stackStandardizing Azure/GCP and/or AWS Security Best practices, processes, and proceduresBuilding and operating automated security operationsExperience implementing AWS, Azure, and/or GCP via Infrastructure-as-CodeExperience scripting (i.e. Python, Bash, PowerShell, etc.)Designing and advising against security requirements to support cloud migration effortsStrong knowledge of industry trends in security technology.Strong debugging and critical thinking skills.Solid communication and documentation skills.Nice to Have:Experience with CI/CD - deployment pipelines, automated build and configuration tools, infrastructure-as-code (such as Harness, Cloudbees, Terraform, CDK, ARM)Networking and infrastructure skills.Experience working with WizPassion for staying current on trends and best practices in cloud/information security001_MstarInc Morningstar Inc. Legal Entity Morningstar's hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. We've found that we're at our best when we're purposely together on a regular basis, at least three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.
#J-18808-Ljbffr