We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role: The IT Compliance Manager's primary focus is to lead and ...
We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role: The IT Compliance Manager's primary focus is to lead and ...
Information Security * Risk Management * Data Privacy The ideal candidate's experience may include but is not limited to the following: * Management or participation in Cybersecurity, Information ...
Information Security * Risk Management * Data Privacy The ideal candidate's experience may include but is not limited to the following: * Management or participation in Cybersecurity, Information ...
The Security Risk Assessor will be responsible for identifying, prioritizing, reporting, and ... skills Project Management Education Work with blueStone Recruiting, we understand Information ...
The Security Risk Assessor will be responsible for identifying, prioritizing, reporting, and ... skills Project Management Education Work with blueStone Recruiting, we understand Information ...
Principal Information Security Risk Management - AI
Chicago, IL · Hybrid
$221K - $276K/yr
The Principal Information Security Risk Management, AI is responsible for ensuring enterprise-wide Generative AI (GenAI), Agentic AI, LLMs, and ML security programs are effective, risk-aligned, and ...
Principal Information Security Risk Management - AI
Chicago, IL · Hybrid
$221K - $276K/yr
The Principal Information Security Risk Management, AI is responsible for ensuring enterprise-wide Generative AI (GenAI), Agentic AI, LLMs, and ML security programs are effective, risk-aligned, and ...
... of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk ... Information Security perspective. This position is 100% Onsite and not open for Remote. Manager ...
... of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk ... Information Security perspective. This position is 100% Onsite and not open for Remote. Manager ...
We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role: The IT Compliance Manager's primary focus is to lead and ...
We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure. The Role: The IT Compliance Manager's primary focus is to lead and ...
... of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk ... Information Security perspective. This position is 100% Onsite and not open for Remote. Manager ...
... of risk impacts to the firm, manage the Cyber risk register, issue log, facilitate the Risk ... Information Security perspective. This position is 100% Onsite and not open for Remote. Manager ...
Information Security * Risk Management * Data Privacy The ideal candidate's experience may include but is not limited to the following: * Management or participation in Cybersecurity, Information ...
Information Security * Risk Management * Data Privacy The ideal candidate's experience may include but is not limited to the following: * Management or participation in Cybersecurity, Information ...
Provide leadership to define and implement a risk based strategy and program to manage our digital ... Monitor information security trends internal and keep leadership informed about information ...
Provide leadership to define and implement a risk based strategy and program to manage our digital ... Monitor information security trends internal and keep leadership informed about information ...
... information security risk oversight for areas of the enterprise that manage technology. As part of this oversight role, experience with cybersecurity domains, operations, architecture, governance ...
... information security risk oversight for areas of the enterprise that manage technology. As part of this oversight role, experience with cybersecurity domains, operations, architecture, governance ...
Advise LOB management on information security risks and recommend actions aligned with the bank's broader risk management and compliance programs. * Act as the primary point of contact for ad hoc ...
Advise LOB management on information security risks and recommend actions aligned with the bank's broader risk management and compliance programs. * Act as the primary point of contact for ad hoc ...
Governance & Risk Analyst
Chicago, IL · On-site
$85K - $95K/yr
The role requires strong analytical skills, stakeholder engagement, and familiarity with information security, privacy, and regulatory frameworks. Key Responsibilities Third-Party Risk Management ...
Governance & Risk Analyst
Chicago, IL · On-site
$85K - $95K/yr
The role requires strong analytical skills, stakeholder engagement, and familiarity with information security, privacy, and regulatory frameworks. Key Responsibilities Third-Party Risk Management ...
Sr. Business Information Security Officer (Sr. BISO) - Consumer Technology
Chicago, IL · On-site
$141K - $202K/yr
The Sr. Business Information Security Officer (SR. BISO) - Consumer and Wealth Management ... Risk Management * Threat Analysis * Vendor Management * Advisory * Business Acumen * Cloud ...
Sr. Business Information Security Officer (Sr. BISO) - Consumer Technology
Chicago, IL · On-site
$141K - $202K/yr
The Sr. Business Information Security Officer (SR. BISO) - Consumer and Wealth Management ... Risk Management * Threat Analysis * Vendor Management * Advisory * Business Acumen * Cloud ...
Sr. Business Information Security Officer (Sr. BISO) - Consumer Technology
Addison, IL · On-site
$141K - $202K/yr
The Sr. Business Information Security Officer (SR. BISO) - Consumer and Wealth Management ... Risk Management * Threat Analysis * Vendor Management * Advisory * Business Acumen * Cloud ...
Sr. Business Information Security Officer (Sr. BISO) - Consumer Technology
Addison, IL · On-site
$141K - $202K/yr
The Sr. Business Information Security Officer (SR. BISO) - Consumer and Wealth Management ... Risk Management * Threat Analysis * Vendor Management * Advisory * Business Acumen * Cloud ...
IT Risk and Compliance Analyst
Chicago, IL · On-site
$90K - $115K/yr
The IT Risk and Compliance Analyst position is a highly visible, client facing role which works ... This role will also help coordinate and maintain the firm's Information Security Management Program ...
IT Risk and Compliance Analyst
Chicago, IL · On-site
$90K - $115K/yr
The IT Risk and Compliance Analyst position is a highly visible, client facing role which works ... This role will also help coordinate and maintain the firm's Information Security Management Program ...
GRC Cybersecurity & AI Governance Specialist
Chicago, IL · On-site
$115K - $144K/yr
We are seeking a Senior Information Security GRC & AI Governance Specialist to lead governance, risk, compliance, and AI assurance initiatives across the organization. "Also known as GRC Manager ...
Quick apply
GRC Cybersecurity & AI Governance Specialist
Chicago, IL · On-site
$115K - $144K/yr
We are seeking a Senior Information Security GRC & AI Governance Specialist to lead governance, risk, compliance, and AI assurance initiatives across the organization. "Also known as GRC Manager ...
... Risk Management, HR teams), and external agencies as needed to ensure that CPS maintains a strong ... information security role • Minimum of three (3) years experience in large (>50,000 users ...
... Risk Management, HR teams), and external agencies as needed to ensure that CPS maintains a strong ... information security role • Minimum of three (3) years experience in large (>50,000 users ...
Executive Director, Information Security
Chicago, IL · On-site
$150K - $179K/yr
... Risk Management, HR teams), and external agencies as needed to ensure that CPS maintains a strong ... information security role • Minimum of three (3) years experience in large (>50,000 users ...
Executive Director, Information Security
Chicago, IL · On-site
$150K - $179K/yr
... Risk Management, HR teams), and external agencies as needed to ensure that CPS maintains a strong ... information security role • Minimum of three (3) years experience in large (>50,000 users ...
Advise LOB management on information security risks and recommend actions aligned with the bank's broader risk management and compliance programs. * Act as the primary point of contact for ad hoc ...
Advise LOB management on information security risks and recommend actions aligned with the bank's broader risk management and compliance programs. * Act as the primary point of contact for ad hoc ...
Information Security & Compliance Analyst
Downers Grove, IL · On-site
$100K - $120K/yr
The Information Security & Compliance Analyst supports the execution of Cooper's Hawk Winery ... This includes supporting Third-Party Risk Management (TPRM) and Privacy initiatives through ...
Information Security & Compliance Analyst
Downers Grove, IL · On-site
$100K - $120K/yr
The Information Security & Compliance Analyst supports the execution of Cooper's Hawk Winery ... This includes supporting Third-Party Risk Management (TPRM) and Privacy initiatives through ...
Information Security Risk Manager information
See Chicago, IL salary details
$64.4K - $77.3K
3% of jobs
$77.3K - $90.2K
5% of jobs
$90.2K - $103.1K
10% of jobs
$113.2K is the 25th percentile. Wages below this are outliers.
$103.1K - $116K
9% of jobs
$116K - $128.9K
13% of jobs
The median wage is $137.6K / yr.
$128.9K - $141.8K
15% of jobs
$141.8K - $154.6K
13% of jobs
$161.3K is the 75th percentile. Wages above this are outliers.
$154.6K - $167.5K
14% of jobs
$167.5K - $180.4K
12% of jobs
$180.4K - $193.3K
6% of jobs
$193.3K - $206.2K
0% of jobs
$64.4K
$140.3K
$206.2K
How much do information security risk manager jobs pay per year?
As of Jun 14, 2026, the average yearly pay for information security risk manager in Chicago, IL is $140,318.00, according to ZipRecruiter salary data. Most workers in this role earn between $113,900.00 and $165,500.00 per year, depending on experience, location, and employer.
Full-time
Medical, Dental, Life, Retirement
Posted 25 days ago
Job description
The Area:
The Information Security department is responsible for setting enterprise security policies and standards that are designed to protect the confidentiality, integrity and availability of Morningstar information. The security team offers guidance and technical expertise in areas like application security, policies and procedures, disaster recovery and compliance/regulation. We analyze emerging security threats and conduct risk and vulnerability assessments to ensure that our information remains secure.
The Role:
The IT Compliance Manager's primary focus is to lead and manage the Information Security Compliance team's effort and activities to ensure information security compliance, privacy and protection across Morningstar. This individual will act as a liaison between Information Security and the Business regarding compliance related issues and activities, execute compliance status reporting and metrics, lead the third-party risk management program, lead internal and external IT auditing processes, monitor information security and IT processes for compliance and policy issues and collaborate on risk vulnerability assessments. Provides technical expertise in all aspects of enterprise information security compliance for all applicable regulations. This role requires an individual who is well rounded - an exceptional multitasker, an effective communicator, is proactive, analytical and detail-oriented, possessing both strong technical and business skills and, operates well under pressure. This position is based in either our Chicago or Toronto office.
Responsibilities
Lead, manage and support Morningstar's current and future compliance related responsibilities (SOX, SOC2, PCI)
Monitor and enforce compliance to information security and compliance policies and standards
Execute audit tests; identify issues and areas for improvement in efficiency and effectiveness of information technology operations
Document and manage security / policy / compliance exceptions where necessary
Manage periodic reviews of security policies, processes and procedures
Lead and manage the third-party risk management program
Conduct relevant contract reviews for client security contracts
Lead and directly manage a team of information security compliance analysts
Liaise with Morningstar's third-party audit personnel including internal, external, and client auditors and facilitate audits as required
Ensure Morningstar processes are efficient and effective, and procedures are up-to-date, relevant, and adhere to compliance standards
Plan, present and drivethe strategic information security compliance program for Morningstar
Requirements
A bachelor's degree and 5+ years' experience in a risk, compliance or IT auditor role
Strong leadership and team development skills, with experience managing cross-functional and global teams.
Excellent communication skills and a familiarity with common compliance standards (SOX, SOC2, PCI-DSS, GDPR, SEC, etc.)
Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, and COBIT guidelines and standards
Strong organizational skills and the ability to multitask and switch priorities with short notice
Strong business analysis, research and analytical skills
Excellent communication skills and a strong understanding of information security fundamentals
Availability to work off business hours as required
Preferred
Relevant security certifications (CISSP, CISM, or CIPP)
3+ years' experience directly managing personnel, including hiring, developing, motivating, and directing people as they work
Total Cash Compensation Range (base + bonus): $147,550 - $265, 575
Compensation and Benefits
At Morningstar we believe people are at their best when they are at their healthiest. That's why we champion your wellness through a wide range of programs that support all stages of your personal and professional life. Here are some examples of the offerings we provide:
Financial Health
100% 401k match up to 6% of salary
Stock Ownership Potential
Company provided life insurance - 1x salary + commission
Physical Health
Comprehensive health benefits(medical/dental/vision)including potential premium discounts and company-provided HSA contributions (up to $500-$2,000 annually) for specific plansand coverages
Additional medical Wellness Incentives - up to $300-$600 annual
Company-provided long- and short-termdisabilityinsurance
Emotional Health
Trust-Based Time Off
6-week Paid Sabbatical Program
6-Week Paid Family Caregiving Leave
Competitive 8-24 Week Paid Parental Leave
Adoption Assistance
Leadership Coaching & FormalMentorshipOpportunities
Annual Flex Stipend - $1000 annually to cover personal education & well-being expenses
Tuition Reimbursement
Social Health
Charitable Matching Gifts program
Dollars for Doers volunteer program
Paid volunteering days
15+ Employee Resource & Affinity Groups
Morningstar's hybrid work environment gives you the opportunity to collaborate in-person each week as we've found that we're at our best when we're purposely together on a regular basis. In most of our locations, our hybrid work model is four days in-office each week. A range of other benefits are also available to enhance flexibility as needs change. No matter where you are, you'll have tools and resources to engage meaningfully with your global colleagues.