Senior Application Security Architect

11 Hours ago • 5 Years + • $96,326 PA - $188,325 PA

Job Summary

Job Description

As a Senior Application Security Architect, you will be part of the central information security team and act as a subject matter expert for all Morningstar product teams. Your responsibilities include providing security guidance, creating application security standards, and conducting threat modeling and security architecture reviews. You will also define the direction of the application security program, improve security processes, and work with business units to communicate risk and provide remediation advice. This role requires a strong understanding of software development and application security, focusing on securing products and ensuring appropriate architectural security guidance.
Must have:
  • 5+ years’ experience in a development or software security role
  • Excellent communication skills and understanding of software development
  • Ability to improve system development security across diverse teams
  • Strong understanding of risk management and architectural impacts
  • Experience architecting and deploying applications securely in cloud environments
Good to have:
  • Strong understanding of common authentication models and protocols (SAML, OAuth, OpenID, etc.)
  • Prior development experience preferred
  • Vulnerability management experience preferred
Perks:
  • 75% 401k match up to 7%
  • Stock Ownership Potential
  • Company provided life insurance - 1x salary + commission
  • Comprehensive health benefits including medical, dental, and vision
  • Additional medical Wellness Incentives
  • Company-provided long- and short-term disability insurance
  • Trust-Based Time Off
  • 6-week Paid Sabbatical Program
  • 6-Week Paid Family Caregiving Leave
  • Competitive 8-24 Week Paid Parental Bonding Leave
  • Adoption Assistance
  • Leadership Coaching & Formal Mentorship Opportunities
  • Annual Education Stipend
  • Tuition Reimbursement
  • Charitable Matching Gifts program
  • Dollars for Doers volunteer program
  • Paid volunteering days
  • 15+ Employee Resource & Affinity Groups

Job Details

The Team:

The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity, and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, infrastructure and cloud security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.

The Role:
The Senior Application Security Architect will be part of the central information security team and act as a subject matter expert to all of Morningstar’s product teams by provide security guidance and creating application security standards and patterns. The successful candidate will contribute to maintaining Morningstar’s security posture by performing threat modeling, security architecture reviews of Morningstar products and ensure that major projects receive appropriate architectural security guidance, requirements setting, and review. The Application Security Architect will also partner with the Director of Product Security to define the direction of the application security program as well as on improving security processes and tooling. The position will be based in our Chicago or Toronto office.

We follow a hybrid policy of 3 days onsite and 2 days remote work.

Job Responsibilities:

  • Collaborate with development teams across the organization to secure products
  • Contribute to secure reference architectures and patterns for all product teams to leverage
  • Develop, maintain, and communicate future and current product security initiatives
  • Develop and enhance internal security processes, programs, and procedures
  • Conduct risk assessments, threat modeling, and product security reviews on Morningstar systems
  • Work directly with internal business units to communicate risk, provide security remediation advice, and deliver education as needed.
  • Document secure coding guidelines and assist execution by internal development personnel
  • Identify web/mobile/api application security vulnerabilities and offer remediation advice

Qualifications:

  • A bachelor’s degree and 5+ years’ experience in a development or software security / penetration testing role, or equivalent experience
  • We are looking for someone who enjoys breaking code, solving puzzles, and diagnosing problems
  • Excellent communication skills and a strong understanding of software development, architecture, and application security
  • An ability to improve system development security across diverse technical teams and technologies
  • Strong understanding of risk management and the real-world impacts of architectural decisions
  • Experience architecting and deploying applications securely in cloud environments

Nice to have:

  • Strong understanding of common authentication models and protocols (SAML, OAuth, OpenID, etc.) preferred
  • Prior development experience preferred
  • Vulnerability management experience preferred

Compensation and Benefits

At Morningstar we believe people are at their best when they are at their healthiest. That’s why we champion your wellness through a wide-range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide:

  • Financial Health
    • 75% 401k match up to 7%
    • Stock Ownership Potential
    • Company provided life insurance - 1x salary + commission
  • Physical Health 
    • Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages
    • Additional medical Wellness Incentives - up to $300-$600 annual
    • Company-provided long- and short-term disability insurance
  • Emotional Health 
    • Trust-Based Time Off
    • 6-week Paid Sabbatical Program
    • 6-Week Paid Family Caregiving Leave
    • Competitive 8-24 Week Paid Parental Bonding Leave
    • Adoption Assistance
    • Leadership Coaching & Formal Mentorship Opportunities
    • Annual Education Stipend
    • Tuition Reimbursement
  • Social Health 
    • Charitable Matching Gifts program
    • Dollars for Doers volunteer program
    • Paid volunteering days
    • 15+ Employee Resource & Affinity Groups

Base Salary Compensation Range

$96,326.00 - 163,761.00 USD Annual

Total Cash Compensation Range

$110,775.00 - 188,325.00 USD Annual

Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. While some positions are available as fully remote, we’ve found that we’re at our best when we’re purposely together on a regular basis, typically three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.

100_MstarResCanad Morningstar Research, Inc. (Canada) Legal Entity

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Chicago, Illinois, United States

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Morningstar is strongly committed to creating and preserving equal opportunity for all employees and applicants. We make all employment decisions—including recruitment, hiring, compensation, training, promotion, transfer, discipline, termination, and other personnel matters—without regard to race, color, ancestry, religion, sex, national origin, age, disability, protected veteran status, marital status, sexual orientation, genetic information, citizenship, gender identity and expression, parental status, or other legally protected characteristics or conduct.Read More

Chicago, Illinois, United States (Hybrid)

Chicago, Illinois, United States (Hybrid)

Sydney, New South Wales, Australia (Hybrid)

Sydney, New South Wales, Australia (Hybrid)

Sydney, New South Wales, Australia (Hybrid)

Sydney, New South Wales, Australia (Hybrid)

New York, United States (Hybrid)

Mumbai, Maharashtra, India (Hybrid)

Mumbai, Maharashtra, India (Hybrid)

Frankfurt Am Main, Hessen, Germany (Hybrid)

View All Jobs

Get notified when new jobs are added by Morningstar

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug