Application Security Architect
What makes Gartner a GREAT fit for you? When you join Gartner, you’ll be part of a fast-growing team that helps the world become smarter and more connected. We’re the leader in our industry, achieving double-digit growth by helping clients make the right decisions with business and technology insights they can’t find anywhere else. Our associates enjoy a collaborative work environment, exceptional training and career development — as well as unlimited growth potential. If you like working with a generous, supportive, high-performing team, Gartner is where you want to be.
Support Gartner's efforts to safeguard our reputation by architecting safe, secure applications leveraged by Gartner Research, Consulting,and Sales teams.
What you will do:
- Act as a subject matter expert for secure development and deployment, partnering with product and business experts in Gartner Research, Consulting, Sales and IT.
- Model threats to Gartner developed or acquired applications
- Embed security into an agile, cloud-first application development and deployment model
- Perform technical risk assessments, including code analysis, of critical Gartner applications, recommend mitigating controls and work with Gartner s Information Security Governance/Risk/Compliance team to effect change
- Assist with technical security testing and red/purple team activity
- Assist with application specific security incident handling, and support Gartner's Incident Response team
- Measure effectiveness of the Application Security program via ongoing analysis and reporting of data and metrics
- Protect the company from a wide-variety of business risks ranging from financial loss, regulatory fines and penalties, loss of intellectual property, and/or brand/reputation risk.
What you will need:
- Bachelor s degree in Information Systems, Information Technology, or equivalent.
- 3+years of experience in application security, including code assessment
- 3 years of experience developing software
- 2 years of application security testing and results management
- Experience training software developers on key threats and application security best practices
- Experience with application security testing automation in a continuous integration & deployment environment (cloud based)
- Strong interpersonal and communications skills; able to collaborate within a global team
- In depth knowledge of attacker methodologies, threat modelling and containment strategies
- Familiarity with security vulnerability and code analysis testing tools and integration with rapid, continuous development/deployment methodologies in cloud (Iaas,SaaS) environments
- Familiarity with testing web applications, browser add ins, and mobile code, using common tools (Burp Suite, Metasploit, other commercial tools, SIEM) and exploits
- Developing security champions within software engineering teams
Job Requisition ID:G20917
By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy
For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.
Job ID G20917
Back to top