Security Analyst (Incident response, DFIR, SOC)

About Gartner Information Security:

We are a dedicated team of passionate information security professionals committed to protecting, detecting, and responding to threats. Our team comprises lifelong learners who continually research innovative methods to stay ahead of emerging threats. We foster a collaborative environment where ideas are valued, regardless of whether they come from our most experienced members or our newest recruits. We embrace an inclusive culture that encourages diverse perspectives and promotes mutual respect and teamwork.

About the role

Gartner is seeking a motivated Security Analyst to join its Security Operations Team. In this role, you will support Incident Response and Investigations, enhance our capabilities, and defend our network and intellectual properties. Your contributions will be instrumental in safeguarding our assets and strengthening our security operations.
 

What you will need

• Experience in conducting analysis and investigation of cybersecurity incidents.
• Familiarity with SIEM or XDR for log analysis and alert creation.
• Basic experience with security tools such as EDR, web proxy, WAF, and email security tools.
• Exposure to cloud environments (AWS, Azure, GCP).
• Experience in Digital Forensics and Incident Response (DFIR).
• Ability to query using languages such as SPL, SQL, KQL.
• Strong communication and prioritization skills.
• Willingness to learn automation and coding solutions for repetitive tasks (Python, PowerShell, Bash).
   

What you will do

• Investigate and resolve security events and incidents from triage to remediation.
• Collaborate with stakeholders to identify, respond to, and remediate security issues.
• Develop innovative detection content aligned with ATT&CK, Cyber Kill Chain, and other frameworks.
• Contribute ideas and solutions to a dynamic, growth-focused team.
• Build and implement tools to automate security monitoring and tasks.
• Develop solutions to quickly and efficiently mitigate security vulnerabilities.
• Hunt for misconfigurations, anomalous activity, and threats.
• Bring your own ideas and solutions to a fast-paced, growing, and evolving team focused on operational excellence.
• Provide rotational on-call support for weekend emergencies (infrequently), ensuring uninterrupted security coverage and prompt incident response
• Effectively collaborate with team members spread across multiple geographies, ensuring seamless communication and coordination for successful outcomes

Who you are

• 2+ yrs. of demonstrated experience triaging, investigating, and remediating security events and incidents
• Bachelor’s degree in cyber security, computer science, or a related professional qualification.
• Passionate about security and addressing future challenges.
• Willingness to embrace new technology platforms.
• Excellent team player
• Innovation mindset: Seizes opportunities to enhance existing processes and prioritizes automation.
• Certifications like GCIH, GCFA or equivalent are a plus
• Capable of working proactively in a time-sensitive operational environment.
   

Don’t meet every single requirement? We encourage you to apply anyway. You might just be the right candidate for this, or other roles.
#LI-NS4

Who are we? 

At Gartner, Inc. (NYSE:IT), we guide the leaders who shape the world.

Our mission relies on expert analysis and bold ideas to deliver actionable, objective insight, helping enterprise leaders and their teams succeed with their mission-critical priorities.

Since our founding in 1979, we’ve grown to more than 21,000 associates globally who support ~14,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That’s why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work? 

Our sustained success creates limitless opportunities for you to grow professionally and flourish personally. We have a vast, virtually untapped market potential ahead of us, providing you with an exciting trajectory long into the future. How far you go is driven by your passion and performance.

We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients.

Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.

We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.

What do we offer? 

Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers. 

In our hybrid work environment, we provide the flexibility and support for you to thrive — working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring.

Ready to grow your career with Gartner? Join us.

The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity.

Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.

By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.

Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy

For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.