Senior Application Security Architect page is loaded Senior Application Security Architect Apply locations Chicago time type Full time posted on Posted 2 Days Ago job requisition id REQ-047205 The Team: The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity, and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, infrastructure and cloud security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role: The Senior Application Security Architect will be part of the central information security team and act as a subject matter expert to all of Morningstar’s product teams by provide security guidance and creating application security standards and patterns. The successful candidate will contribute to maintaining Morningstar’s security posture by performing threat modeling, security architecture reviews of Morningstar products and ensure that major projects receive appropriate architectural security guidance, requirements setting, and review. The Application Security Architect will also partner with the Director of Product Security to define the direction of the application security program as well as on improving security processes and tooling. The position will be based in our Chicago or Toronto office. We follow a hybrid policy of 3 days onsite and 2 days remote work. Job Responsibilities: Collaborate with development teams across the organization to secure products Contribute to secure reference architectures and patterns for all product teams to leverage Develop, maintain, and communicate future and current product security initiatives Develop and enhance internal security processes, programs, and procedures Conduct risk assessments, threat modeling, and product security reviews on Morningstar systems Work directly with internal business units to communicate risk, provide security remediation advice, and deliver education as needed. Document secure coding guidelines and assist execution by internal development personnel Identify web/mobile/api application security vulnerabilities and offer remediation advice Qualifications: A bachelor’s degree and 5+ years’ experience in a development or software security / penetration testing role, or equivalent experience We are looking for someone who enjoys breaking code, solving puzzles, and diagnosing problems Excellent communication skills and a strong understanding of software development, architecture, and application security An ability to improve system development security across diverse technical teams and technologies Strong understanding of risk management and the real-world impacts of architectural decisions Experience architecting and deploying applications securely in cloud environments Nice to have: Strong understanding of common authentication models and protocols (SAML, OAuth, OpenID, etc.) preferred Prior development experience preferred Vulnerability management experience preferred Compensation and Benefits At Morningstar we believe people are at their best when they are at their healthiest. That’s why we champion your wellness through a wide-range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide: Financial Health 75% 401k match up to 7% Stock Ownership Potential Company provided life insurance - 1x salary + commission

Physical Health Comprehensive health benefits (medical/dental/vision) including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plansand coverages Additional medical Wellness Incentives - up to $300-$600 annual Company-provided long- and short-term disabilityinsurance

Emotional Health Trust-Based Time Off 6-week Paid Sabbatical Program 6-Week Paid Family Caregiving Leave Competitive 8-24 Week Paid Parental Bonding Leave Adoption Assistance Leadership Coaching & Formal MentorshipOpportunities Annual Education Stipend Tuition Reimbursement

Social Health Charitable Matching Gifts program Dollars for Doers volunteer program Paid volunteering days 15+ Employee Resource & Affinity Groups

Base Salary Compensation Range $96,326.00 - 163,761.00 USD Annual Total Cash Compensation Range $110,775.00 - 188,325.00 USD Annual Morningstar’s hybrid work environment gives you the opportunity to work remotely and collaborate in-person each week. While some positions are available as fully remote, we’ve found that we’re at our best when we’re purposely together on a regular basis, typically three days each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you’ll have tools and resources to engage meaningfully with your global colleagues. 100_MstarResCanad Morningstar Research, Inc. (Canada) Legal Entity About Us How to Apply for a Job at Morningstar Step 1 When you find a position you're interested in, click the 'Apply' button. Please fill out this form completely, attaching your resume and cover letter in the approved format. Read the job requirements carefully and make sure to attach writing or design samples as required. Applicants must submit their resume and other information through our corporate website to be considered for a job at Morningstar. No phone calls, please. Step 2 You will receive an email notification to confirm that we've received your application. Step 3 If you are called in for an interview, a representative from Morningstar will contact you to set up a date, time, and location. Be prepared for a rigorous interview process. To make sure you're a good fit for Morningstar and we're a good fit for you, we'll schedule time for you to meet with multiple staff members at all levels of the company. Expect to return for multiple interviews as part of the process. A representative from Morningstar will contact you with the results of your interview—either with a job offer or to let you know our plans for the position. Applicants With Disabilities Who Need Accommodation Morningstar is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call +1 312 384-3900 or email AskHR@morningstar.com and let us know the nature of your request and your contact information. Please note: We only accept calls from applicants who need accommodation related to a disability. Please, no calls with unrelated questions or requests. Please be sure to include the title and location of the open position you’re interested in when you leave a message. US Applicants: Morningstar is an E-Verify program participant. Morningstar is strongly committed to creating and preserving equal opportunity for all employees and applicants. We make all employment decisions—including recruitment, hiring, compensation, training, promotion, transfer, discipline, termination, and other personnel matters—without regard to race, color, ancestry, religion, sex, national origin, age, disability, protected veteran status, marital status, sexual orientation, genetic information, citizenship, gender identity and expression, parental status, or other legally protected characteristics or conduct.

#J-18808-Ljbffr