Senior Security Engineer

**Role Overview:**

Join a world-class team of skilled engineers at Gartner IT, where you will be responsible for supporting Gartner's AppSec function as a Sr. Security Engineer. You will play a crucial role in executing daily vulnerability assessments, collaborating with Information Security partners and technology stakeholders, and developing and tracking risk/vulnerability remediation strategies. Your role will involve prioritizing efforts across various business units, implementing security tools, technologies, and controls, and providing education and training to enhance the organization's security posture.

**Key Responsibilities:**

• Support day-to-day life cycle management of identifying and remedying security vulnerabilities and threats to Gartner Systems and Data
• Create actionable recommendations based on vulnerability analysis to enhance Gartner's security posture
• Coordinate orchestration, automation, and management of security technologies and platforms
• Develop and implement solutions to meet complex business and technical requirements
• Define and implement meaningful metrics to measure the effectiveness of security controls through KRIs and security scorecards
• Act as a subject-matter-expert for Application Security and provide support for critical issues and security risk assessments
• Evaluate business and technical requirements to identify and implement tools, processes, and technologies to improve security posture
• Ensure continuous improvement of existing compliance processes

**Qualifications Required:**

• Strong independent critical thinking and problem-solving skills
• Proven experience in developing and maturing KPIs and Metrics for assessing the effectiveness of an Application security program
• 4+ years of technical and professional expertise
• Excellent communication, collaboration, and critical thinking skills
• Ability to define and communicate risk in a business-relevant language
• Deep technical expertise in at least one additional area of Information Security
• Passion for identifying flaws in processes and communicating recommendations for improvement
• Ability to educate Engineering and Architecture teams on the importance of Information Security
• Familiarity with technical security controls, guidelines, and frameworks such as SOC2, ISO 27001/27013, NIST 800-53 (Nice to have)
• Scripting or programming experience in languages like Java, .NET, HTML, Ruby, Python, etc. (Nice to have)
• Experience with penetration testing and web application assessment (Nice to have) **Role Overview:**

Join a world-class team of skilled engineers at Gartner IT, where you will be responsible for supporting Gartner's AppSec function as a Sr. Security Engineer. You will play a crucial role in executing daily vulnerability assessments, collaborating with Information Security partners and technology stakeholders, and developing and tracking risk/vulnerability remediation strategies. Your role will involve prioritizing efforts across various business units, implementing security tools, technologies, and controls, and providing education and training to enhance the organization's security posture.

**Key Responsibilities:**

• Support day-to-day life cycle management of identifying and remedying security vulnerabilities and threats to Gartner Systems and Data
• Create actionable recommendations based on vulnerability analysis to enhance Gartner's security posture
• Coordinate orchestration, automation, and management of security technologies and platforms
• Develop and implement solutions to meet complex business and technical requirements
• Define and implement meaningful metrics to measure the effectiveness of security controls through KRIs and security scorecards
• Act as a subject-matter-expert for Application Security and provide support for critical issues and security risk assessments
• Evaluate business and technical requirements to identify and implement tools, processes, and technologies to improve security posture
• Ensure continuous improvement of existing compliance processes

**Qualifications Required:**

• Strong independent critical thinking and problem-solving skills
• Proven experience in developing and maturing KPIs and Metrics for assessing the effectiveness of an Application security program
• 4+ years of technical and professional expertise
• Excellent communication, collaboration, and critical thinking skills
• Ability to define and communicate risk in a business-relevant language
• Deep technical expertise in at least one additional area of Information Security
• Passion for identifying flaws in processes and communicating recommendations for improvement
• Ability to educate Engineering and Architecture teams on the importance of Information Security
• Familiarity with technical security controls, guidelines, and frameworks such as SOC2, ISO 27001/27013, NIST 800-53 (Nice to have)
• Scripting or programming experience in languages like Java, .NET, HTML, Ruby, Python, etc.