Lead Security Engineer

About the role:

We are seeking a Lead Security Engineer to help drive our security detection and response efforts. In this role, you will be responsible for designing, implementing, and improving security monitoring, automation, and response capabilities. You will work closely with security engineers, analysts, and cross-functional teams to strengthen our security posture.

This position is based in our Chicago office. We follow a hybrid policy of 3 days onsite and 2 days remote work.

Key Responsibilities

• Lead security detection and response initiatives, ensuring effective threat monitoring, investigation, and mitigation.  
• Develop and maintain security detections across SIEM, SOAR, and EDR platforms.  
• Architect and optimize security automation workflows to enhance threat response efficiency.  
• Collaborate with our in-house SOC and IT teams to refine detection and preventative capabilities and reduce false positives.  
• Research and implement new security technologies and best practices to enhance monitoring and response effectiveness.  
• Perform security assessments, tuning detection rules, and developing playbooks for security incidents.  
• Mentor junior engineers and contribute to security strategy and roadmap planning.  

Requirements

• 5+ years of hands-on experience in security engineering, threat detection, and response.  
• Strong expertise with SIEM, SOAR, and EDR.  
• Experience developing and tuning detections using logs, telemetry, and threat intelligence.  
• Proficiency in scripting and automation (Python, PowerShell, Bash, etc.).  
• Strong understanding of attack techniques (MITRE ATT&CK framework) and incident response methodologies.  
• Ability to analyze security telemetry, investigate threats, and develop effective mitigation strategies.  
• Excellent communication skills and ability to collaborate across teams.  

Preferred Qualifications

• Experience with cloud security monitoring (AWS, Azure, GCP).  
• Familiarity with security frameworks (NIST, CIS, ISO 27001).  
• Certifications such as GIAC (GCDA, GCIH, GCFA), OSCP, CISSP, or relevant credentials.  

If you are passionate about security, automation, and detection engineering, we'd love to hear from you! Apply today to be a part of our growing security team.

Compensation and Benefits

At Morningstar we believe people are at their best when they are at their healthiest. That’s why we champion your wellness through a wide-range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide:

• Financial Health
  • 75% 401k match up to 7%
  • Stock Ownership Potential
  • Company provided life insurance - 1x salary + commission

• Physical Health 
  • Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plans and coverages
  • Additional medical Wellness Incentives - up to $300-$600 annual
  • Company-provided long- and short-term disability insurance

• Emotional Health 
  • Trust-Based Time Off
  • 6-week Paid Sabbatical Program
  • 6-Week Paid Family Caregiving Leave
  • Competitive 8-24 Week Paid Parental Bonding Leave
  • Adoption Assistance
  • Leadership Coaching & Formal Mentorship Opportunities
  • Annual Education Stipend
  • Tuition Reimbursement

• Social Health 
  • Charitable Matching Gifts program
  • Dollars for Doers volunteer program
  • Paid volunteering days
  • 15+ Employee Resource & Affinity Groups

Total Cash Compensation Range

Inclusive of annual base salary and target incentive

Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. While some positions are available as fully remote, we’ve found that we’re at our best when we’re purposely together on a regular basis, typically three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues.

100_MstarResCanad Morningstar Research, Inc. (Canada) Legal Entity