Lead Security Analyst-SOC

About Gartner IT:

Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients.  We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner.  Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team. 
 

About the role:

This role supports Gartner’s growing Security Operations team. As a Lead Security Analyst, you will support the team in a multitude of disciplines, including Incident Response, Investigations, and project efforts to uplift our capabilities. You'll assist with managing risk to Gartner’s reputation, protecting customers’ data and providing cyber security analysis and incident response expertise. You will play a key role in defending Gartner’s network and intellectual properties. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are a collaborative, flexible group, where good ideas are brought forth and acted upon, whether they come from the most experienced or the newest members of the team.
 

What you will need:

• Demonstrated ability to prioritize and analyze security events, enabling swift decision-making on appropriate courses of action and initiating timely and proportional responses
• Expertise in conducting and driving analysis and investigation of cybersecurity incidents
• Experience articulating technical findings and creating detailed incident reports
• Extensive experience in leveraging security tools such as SIEM, EDR, web proxy and email security tools
• Experience driving security projects from requirements gathering to completion
• Hands on experience with cloud environments (AWS, Azure, GCP) and performing security investigations in them
• Digital Forensics and Incident Response (DFIR) skills
• Ability to query using query languages such as SPL, SQL, KQL
• Threat hunting experience or previous red/purple team experience (practical or lab based)
• Ability to communicate effectively and possess excellent prioritization skills
• Ability to automate tasks and code solutions to repetitive problems (Python, PowerShell, Bash).
   

What you will do:

• Conduct daily investigation of security events and incidents end to end
• Serve as a subject matter expert in driving incident response and be the primary decision-maker for your geographic region, overseeing various aspects of incident response
• Provide detailed notes and reporting for all security events and incidents analyzed
• Provide mentorship and guidance to the rest of the team
• Regularly drive and participate in team uplift projects, enhancing or building new capabilities
• Create runbooks and playbooks for repeatable tasks
• Build and implement tools to automate security monitoring and tasks
• Threat Hunting- Hunt for bad, misconfigurations, and other anomalous activity
• Drive automation initiatives, enhancing analyst capabilities and workflows while eliminating monotonous tasks
• Develop innovative and cutting-edge detection content aligned with ATT&CK, Cyber Kill Chain, and various other cyber security frameworks
• Bring your own ideas and solutions to a fast-paced, growing, and evolving team centered around operational excellence
• Provide rotational on-call support for weekend emergencies (rarely), ensuring uninterrupted security coverage and prompt incident response
• Ensure smooth handover of alerts and incidents between team members located in various geographic locations
• Work closely with key stakeholders and cross functional BUs representing the SecOps team to identify, respond to, and remediate information security issues

Who you are

• 5-8 years of relevant Information Security or SOC experience
• Bachelors in computer science, Information Security, Engineering, or commensurate experience in Information security is preferred
• Passion for security and solving tomorrow’s problems
• Willing to learn new technology platforms
• Strong team player
• Certifications like GCIH, GCFA or equivalent are a plus
• Able to work proactively in a time sensitive operations environment.
• Innovation mindset – Takes opportunities to make existing processes more efficient and thinks “automation first”
   

Don’t meet every single requirement? We encourage you to apply anyway. You might just be the right candidate for this, or other roles.

#LI-NS4

Who are we? 

At Gartner, Inc. (NYSE:IT), we guide the leaders who shape the world.

Our mission relies on expert analysis and bold ideas to deliver actionable, objective insight, helping enterprise leaders and their teams succeed with their mission-critical priorities.

Since our founding in 1979, we’ve grown to more than 20,000 associates globally who support ~15,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That’s why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work? 

Our sustained success creates limitless opportunities for you to grow professionally and flourish personally. We have a vast, virtually untapped market potential ahead of us, providing you with an exciting trajectory long into the future. How far you go is driven by your passion and performance.

We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients.

Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.

We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.

What do we offer? 

Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers. 

In our hybrid work environment, we provide the flexibility and support for you to thrive — working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring.

Ready to grow your career with Gartner? Join us.

The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity.

Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.

By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.

Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy

For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.