Hiring near our Irving, TX Center of Excellence - hybrid work environment.
About Gartner IT:
Join a world-class team of skilled engineers and analysts who build creative digital solutions to support our colleagues and clients. We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner. Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.
About the role
Gartner information security teams are a group of passionate information security professionals dedicated to Protecting, Detecting, and Responding to threats. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are a collaborative group, where good ideas come together whether they come from the most experienced or the newest members of the team.
Gartner is looking for a well-rounded and motivated Lead Security Analyst to join its Governance Risk Management team which is responsible for providing IT Risk Management; IT Policies, Standards and Controls; and Audit/Governance oversight.
The Lead Security Analyst will be responsible for supporting Gartner’s security control environment by managing risk associated with Information Technology, Information Security, Privacy, Regulatory Compliance and Governance. This individual will play an integral role in: (i) working closely with Information Security partners, and technology stakeholders to audit/test controls; (ii) ensuring risks are identified and understood; (iii) developing and tracking risk remediation plans across our various business units; and (iv) create and maintain effective reporting for risk owners and IT leadership. This individual should have extensive experience with developing and implementing risk frameworks, understanding regulatory requirements, and assessing control compliance.
What you will do
Serve as subject matter expert and manage Risk Reviews / Risks / Risk Exception Requests
Assess our control effectiveness and conduct control gap analysis against key Frameworks/Standards such as NIST CSF, SOX, CMMC, ISO 27001, GDPR, etc.
Track and monitor remediation and risk treatment plans.
Ability to map and report risks, issues, exception, policy to NIST CSF
Develop testing routines and schedules for our key regulatory requirements.
Understand and consider all relevant trade-offs required to manage different levels of risk tolerance and risk exposure across the organization and be able to communicate to responsible team members.
Partner with internal Security Operations and Engineering to ensure risks are well understood and proposed countermeasures are effective at mitigating risk.
Coordinate with technology, audit, ERM, and information security stakeholders to assess, implement, and monitor information security-related risks/threats.
Support and advise business-led projects on information security-related risks and standards compliance.
Lead efforts to implement and maintain security policies and remediation processes.
Perform proactive technical research to detect emerging risks and threat trends.
Understand the “voice of the customer” and develop mechanisms to proactively sense adoption and usage patterns of current or emerging consumer technologies so that policy can align with need.
Develop and provide leadership/peers/business with reporting and timely updates that tells the story needed for each audience.
Continuously look for ways to improve (quality and efficiency) the process.
Take ownership of assignments & drive them to completion.
Work collaboratively across functional areas for innovation to turn new ideas into reality.
Assist others on the team for Policy and Certification/Assessment efforts, Client support including contract reviews.
What you will need
Ideal candidates have experience in IT with a strong understanding of Information Security. Candidates should have strong communication and attention to detail. Strong communication to partner with many departments within Gartner as well as occasionally working directly with clients. Strong attention to detail to ensure we provide accurate and consistent Risk Reviews, Audit Assessments, answers to stakeholders (including clients), as well as thorough reviews of contracts/documents.
Must have
Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.
7-10 years of experience in IT and/or Information Security.
Proven communication, collaboration, critical thinking skills and attention to detail.
Familiarity with technical security controls, guidelines, certifications, regulations and framework (e.g., NIST CSF, NIST 800-171, SOX, CMMC, ISO 27001, GDPR).
Experience with Risk Registry, Risk Exceptions, Audit Process, Policy/Standard/Controls.
Experience with mapping Risk items, Audit items, Policy items to NIST CSF; then provide clear and meaningful reporting
Ability to define and communicate risk in a business-relevant language and to non-technical audiences.
Deep technical expertise in at least one additional area of Information Security.
Experience with Information Security, Physical Security, Legal, and other IT processes and functions.
Experience with implementing national and international regulatory compliances and frameworks such as NIST Cyber Security Framework, CMMC, ISO, SOX, GDPR, etc.
Familiarity with technical security controls, guidelines, and frameworks outlined by standards such as SOC2, ISO 27001/27013, NIST 800-53.
Have a knack for finding flaws in processes and the ability to efficiently communicate how to fix them.
Proven ability to communicate and educate Engineering and Architecture teams as to why Information Security is an important function to the business.
Ability to think like a bad actor and use that context to develop threat models.
Nice to have
Understanding and working experience with cloud / server / container / vulnerability security tools.
Preferred skills in Microsoft Office, JIRA, OneTrust and Confluence.
Who you are
Proven communication, collaboration, and critical thinking skills.
Ability to define and communicate risk in a business-relevant language and to non-technical audiences.
Able to work independently or within a team proactively in a time sensitive operations environment.
Innovation mindset – Takes opportunities to make existing processes more efficient and thinks “automation first”.
Strong desire to improve upon and broaden their skills in information security.
Don’t meet every single requirement? We encourage you to apply anyway. You might just be the right candidate for this, or other roles.
What you will get:
Competitive compensation.
Limitless growth and learning opportunities.
Ongoing mentorship and apprenticeship; Leadership courses, development programs, technical courses, certification opportunities and more!
A collaborative and positive culture - join a diverse team of professionals that are as smart and driven as you.
A chance to make an impact – your work will contribute directly to our strategy.
A hybrid work environment—enjoy the flexibility of working from home and the energy of collaborating with peers in our dynamic offices.
20+ PTO days plus holidays and floating holidays in your first year.
Extensive medical, dental insurance and vision plan.
401K with corporate match, immediate vesting.
Health-and-wellness-related allowance programs.
Parental leave.
Tuition reimbursement.
Employee Stock Purchase Plan.
Employee Assistance Program.
Gartner Gives Charity Match.
And much more!
#LI-Hybrid
#LI-DC
Who are we?
At Gartner, Inc. (NYSE:IT), we guide the leaders who shape the world.
Our mission relies on expert analysis and bold ideas to deliver actionable, objective insight, helping enterprise leaders and their teams succeed with their mission-critical priorities.
Since our founding in 1979, we’ve grown to more than 20,000 associates globally who support ~15,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That’s why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.
What makes Gartner a great place to work?
Our sustained success creates limitless opportunities for you to grow professionally and flourish personally. We have a vast, virtually untapped market potential ahead of us, providing you with an exciting trajectory long into the future. How far you go is driven by your passion and performance.
We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients.
Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.
We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.
What do we offer?
Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers.
In our hybrid work environment, we provide the flexibility and support for you to thrive — working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring.
Ready to grow your career with Gartner? Join us.
Gartner believes in fair and equitable pay. A reasonable estimate of the base salary range for this role is 92,000 USD - 131,000 USD. Please note that actual salaries may vary within the range, or be above or below the range, based on factors including, but not limited to, education, training, experience, professional achievement, business need, and location. In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a role-based, uncapped sales incentive plan. Our talent acquisition team will provide the specific opportunity on our bonus or incentive programs to eligible candidates. We also offer market leading benefit programs including generous PTO, a 401k match up to $7,200 per year, the opportunity to purchase company stock at a discount, and more.
The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity.
Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.
Job Requisition ID:97683By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy
For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.