Application Security Architect
About the role:
Support Gartner’s efforts to safeguard our reputation by architecting safe, secure applications leveraged by Gartner Research, Consulting, and Sales teams.
What you’ll do:
- Act as a subject matter expert for secure development and deployment, partnering with product and business experts in Gartner Research, Consulting, Sales and IT.
- Model threats to Gartner-developed or acquired applications
- Embed security into an agile, cloud-first application development and deployment model
- Perform technical risk assessments, including code analysis, of critical Gartner applications, recommend mitigating controls and work with Gartner’s Information Security Governance/Risk/Compliance team to effect change
- Assist with technical security testing and red/purple team activity
- Assist with application-specific security incident handling, and support Gartner’s Incident Response team
- Measure effectiveness of the Application Security program via ongoing analysis and reporting of data and metrics
- Protect the company from a wide variety of business risks ranging from financial loss, regulatory fines and penalties, loss of intellectual property, and/or brand/reputation risk.
What you’ll need:
- Bachelor’s degree in Information Systems, Information Technology, or equivalent.
- 3+ years of experience in application security, including code assessment
- 3 years of experience developing software
- 2 years of application security testing and results management
- Experience training software developers on key threats and application security best practices
- Experience with application security testing automation in a continuous integration & deployment environment (cloud-based)
- Strong interpersonal and communications skills; able to collaborate within a global team
- In-depth knowledge of attacker methodologies, threat modelling and containment strategies
- Familiarity with security vulnerability and code analysis testing tools and integration with rapid, continuous development/deployment methodologies in cloud (IaaS, SaaS) environments
- Familiarity with testing web applications, browser add-ins, and mobile code, using common tools (Burp Suite, Metasploit, other commercial tools, SIEM) and exploits
- Developing security champions within software engineering teams
Job ID 00020917