isecjobs.com

Senior Security Engineer - Third Party Risk Management

Irving - 6011 Connection

Full Time Senior-level / Expert USD 100K - 149K
Gartner logo

Gartner

Gartner provides actionable insights, guidance, and tools that enable faster, smarter decisions and stronger performance on an organization’s mission-critical priorities.

View all jobs at Gartner

Apply now Apply later

Hiring near our US Centers of Excellence.

Hybrid, flexible environment

Irving, TX

Gartner offers a hybrid, flexible environment, with remote work  that allows associates great flexibility to work from home, and opportunities to connect with colleagues for moments that matter on-site. Candidates that apply should be located within a reasonable proximity to one of Gartner’s Centers of Excellence office locations.

About Gartner IT:

Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients.  We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner.  Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.  
 

About the role:

The Senior Security Engineer is a key member of the Third Party Risk Management Team within the Governance and Risk Management Pillar (GRM) at Gartner. The engineer is responsible for identifying, assessing, and mitigating cyber security risks associated with an organization's reliance on external vendors, suppliers, and other third parties.

What you will do:

  • Vendor Due Diligence: Conduct thorough due diligence on potential third-party vendors to assess their cyber security maturity, operational capabilities, and compliance with legal and regulatory requirements. 

  • Risk Rating: Develop or improve the risk rating system to categorize third parties based on the level of risk they pose to the organization. 

  • Ongoing Monitoring: Continuously monitor third-party performance and risk profiles, updating risk assessments as necessary. 

  • Contractual Safeguards: Work with legal and procurement teams to ensure that contracts with third parties include necessary InfoSec clauses, such as Encryption standards, access controls, breach notification etc.

  • Develop and implement processes for identifying, reporting, and managing incidents related to third-party risks, including critical data breaches, security incidents and service disruptions. 

  • Regulatory Compliance: Ensure that third-party relationships comply with relevant regulatory requirements and industry standards, such as GDPR, HIPAA, and ISO 27001. 

  • Audit and Reporting: Coordinate third-party audits and assessments, and prepare KPI/KRIs for senior management and regulatory authorities as needed. 

  • Cross-Functional Teams: Collaborate with various departments, including IT, legal, compliance, and procurement, to ensure a cohesive approach to third-party risk management. 

  • Stakeholder Communication: Act as the primary point of contact for internal and external stakeholders on matters related to third-party risk management. 

  • Vendor Relationships: Foster strong relationships with key third-party vendors to ensure mutual understanding of risk management expectations and requirements. 

What you will need:

  • Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.

  • 4-5 years of experience in risk management, vendor management, or a related field. 

  • Industry Knowledge: In-depth understanding of relevant regulations, industry standards, and best practices in third-party risk management. 

  • Risk Assessment Tools: Proficiency in using risk assessment and management tools, such as MetricStream, OneTrust, or similar platforms. 

  • Data Analysis: Strong analytical skills and the ability to interpret complex data to identify trends and potential risks. 

  • IT Proficiency: Knowledge of information technology systems and cybersecurity practices related to third-party risk management. 

  • The ideal candidate will maintain one or more of the following certifications: Certified Information Systems Auditor (CISA), Certified Risk Manager (CRM), ISO27001 or Certified in Risk and Information Systems Control (CRISC) is preferred

What you will get:

  • Competitive Compensation Package

  • Ongoing mentorship and apprenticeship; Leadership courses, development programs, technical courses, certification opportunities and more!

  • 20+ PTO days plus holidays and floating holidays in your first year

  • Extensive Medical, Dental and Vision plans

  • Hybrid environment with flexibility, remote work 

  • Parental leave

  • Gartner Gives Charity Match

  • Employee Assistance Program (EAP)

  • Employee Stock Purchase Plan

  • Health and wellness related allowance programs

  • 401K with corporate match, immediate vesting

  • Collaborative, team-oriented culture that embraces diversity 

  • Professional development and unlimited growth opportunities

#LI-Hybrid

#LI-TW1

Who are we? 

At Gartner, Inc. (NYSE:IT), we guide the leaders who shape the world.

Our mission relies on expert analysis and bold ideas to deliver actionable, objective insight, helping enterprise leaders and their teams succeed with their mission-critical priorities.

Since our founding in 1979, we’ve grown to more than 20,000 associates globally who support ~15,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That’s why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work? 

Our sustained success creates limitless opportunities for you to grow professionally and flourish personally. We have a vast, virtually untapped market potential ahead of us, providing you with an exciting trajectory long into the future. How far you go is driven by your passion and performance.

We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients.

Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.

We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.

What do we offer? 

Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers. 

In our hybrid work environment, we provide the flexibility and support for you to thrive — working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring.

Ready to grow your career with Gartner? Join us.

Gartner believes in fair and equitable pay. A reasonable estimate of the base salary range for this role is 100,000 USD - 149,000 USD. Please note that actual salaries may vary within the range, or be above or below the range, based on factors including, but not limited to, education, training, experience, professional achievement, business need, and location. In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a role-based, uncapped sales incentive plan. Our talent acquisition team will provide the specific opportunity on our bonus or incentive programs to eligible candidates. We also offer market leading benefit programs including generous PTO, a 401k match up to $7,200 per year, the opportunity to purchase company stock at a discount, and more.


The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.

Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.

Job Requisition ID:87460

By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.

Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy


For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.

Apply now Apply later
  • Share this job via
  • 𝕏
  • or
Job stats:  0  0  0
Categories: Compliance Jobs Security Engineering Jobs

Tags: Audits CISA Compliance Computer Science CRISC Encryption GDPR Governance HIPAA ISO 27001 Monitoring Privacy Risk assessment Risk management Vendor management

Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Medical leave Parental leave Salary bonus Startup environment Unlimited paid time off Wellness

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsPenetration Tester jobsSenior Cybersecurity Engineer jobsSenior Cyber Security Engineer jobsInformation Security Officer jobsPrincipal Security Engineer jobsSenior Network Security Engineer jobsInformation System Security Officer jobsInformation Systems Security Officer jobsChief Information Security Officer jobsCloud Security Architect jobsSecurity Consultant jobsSenior Penetration Tester jobsStaff Security Engineer jobsSecurity Specialist jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Information Security Analyst jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsInformation System Security Officer (ISSO) jobsSenior Information Security Engineer jobsCybersecurity Consultant jobsThreat Intelligence Analyst jobs
SaaS jobsEncryption jobsMalware jobsSDLC jobsSQL jobsForensics jobsRMF jobsIPS jobsGDPR jobsIDS jobsSplunk jobsTop Secret jobsEDR jobsFinance jobsDoDD 8570 jobsBash jobsTerraform jobsITIL jobsOWASP jobsCRISC jobsUNIX jobsCompTIA jobsIntrusion detection jobsDocker jobsGIAC jobs
TCP/IP jobsActive Directory jobsSANS jobsData Analytics jobsBanking jobsPolygraph jobsCCSP jobsThreat detection jobsClearance Required jobsOSCP jobsVPN jobsCyber defense jobsAnsible jobsIT infrastructure jobsSOX jobsDNS jobsOracle jobsSOC 2 jobsJavaScript jobsJira jobsSOAR jobsSecurity strategy jobsGCIH jobsArtificial Intelligence jobsCryptography jobs