Application Security Architect

About the role:

Support Gartner’s efforts to safeguard our reputation by architecting safe, secure applications leveraged by Gartner Research, Consulting, and Sales teams.

What you’ll do:

  • Act as a subject matter expert for secure development and deployment, partnering with product and business experts in Gartner Research, Consulting, Sales and IT.
  • Model threats to Gartner-developed or acquired applications
  • Embed security into an agile, cloud-first application development and deployment model
  • Perform technical risk assessments, including code analysis, of critical Gartner applications, recommend mitigating controls and work with Gartner’s Information Security Governance/Risk/Compliance team to effect change
  • Assist with technical security testing and red/purple team activity
  • Assist with application-specific security incident handling, and support Gartner’s Incident Response team
  • Measure effectiveness of the Application Security program via ongoing analysis and reporting of data and metrics
  • Protect the company from a wide variety of business risks ranging from financial loss, regulatory fines and penalties, loss of intellectual property, and/or brand/reputation risk.

Job Requirements:

What you’ll need:
  • Bachelor’s degree in Information Systems, Information Technology, or equivalent.
  • 3+ years of experience in application security, including code assessment
  • 3 years of experience developing software
  • 2 years of application security testing and results management
  • Experience training software developers on key threats and application security best practices
  • Experience with application security testing automation in a continuous integration & deployment environment (cloud-based)
  • Strong interpersonal and communications skills; able to collaborate within a global team
  • In-depth knowledge of attacker methodologies, threat modelling and containment strategies
  • Strong understanding of software frameworks (.NET, Java, JavaScript), languages (Java, C#, Python), database, data analytics, cloud and application container security
  • Familiarity with security vulnerability and code analysis testing tools and integration with rapid, continuous development/deployment methodologies in cloud (IaaS, SaaS) environments
  • Familiarity with testing web applications, browser add-ins, and mobile code, using common tools (Burp Suite, Metasploit, other commercial tools, SIEM) and exploits
  • Developing security champions within software engineering teams

Job ID 00020917
