Remote – United States
What makes Gartner a GREAT fit for you? When you join Gartner, you’ll be part of a fast-growing team that helps the world become smarter and more connected. We’re the world’s leading research and advisory company, achieving consistent double-digit growth by steering clients toward the right decisions with business and technology insights they can’t find anywhere else. Our associates enjoy a collaborative work environment, exceptional training and career development — as well as unlimited growth opportunities. If you like working with a curious, supportive, high-performing team, Gartner is the place for you.
Gartner seeks a Security Analyst to join our detection/response team. As part of the security operations team, you will work with a broad base of security controls, drive ongoing monitoring policy and content development within the organization, working across the breadth of the Gartner organization to evangelize defensive practices, and mentor and train the security minds of tomorrow.
- Reviews and analyzes daily security intelligence feeds, provides detection engineering recommendations, and applies protections to mitigate new threats.
- Monitor, analyze, and synthesize daily security alerts/events surfaced via internal and external sources.
- Investigate and validate actionable security alerts/events and escalate or take action as indicated in security model to mitigate threats.
- Participate in continuous security monitoring and incident response activities across cloud and on premise network environments.
- Participate in security related threat hunting and forensic analysis activities.
- Builds expertise through training and development in attacker techniques and tradecraft.
- Key contributor to the adaptive security detection and monitoring strategy of Gartner.
- Mentor Associate Analysts as part of their daily functions
- Serve as an escalation point for alerts that cannot be handled in the Associate Analyst tier.
- Communicate with the business around observed activity and serve in a consultative fashion to
- Consult on issues that affect the operational security of the overall organization.
- Identify gaps in present content portfolio where new content could aid in detection and/or response.
- Perform live response and analysis of forensics artifacts from a live response platform
- Detect, investigate, and triage 2 nd tier alerts in the Gartner monitoring infrastructure.
- Produce reports for upper management about incidents observed, actions taken, and related forensic artifacts.
- Be able to work independently on assigned tasks and part of larger, geographically dispersed team
What You’ll Need
- Bachelor’s degree in Computer Science or related discipline, or equivalent work experience.
- 2+ years of experience in two or more disciplines related to network or host based security
- Strong understanding of technology stack: OS (Windows, Linux, iOS, OSX, Android), virtualization, storage, networks/protocols, database, application; cloud stack familiarity highly desired
- Strong understanding of network and application protocols and services; TCP/IP, UDP, HTTP, SMTP, DNS, etc.
- Strong understanding of common cyber-attack methods and defense methods
- Able for “on-call” 24/7 for critical security event response
- Ability to communicate clearly and effectively with customers, technical and business teams
- Able to handle multiple tasks under stressful conditions
- Excellent analytical skills
- Administration of SIEM and orchestration/automation tools, as well as offensive and defensive security tools, procedures, techniques
- Experience in content development for SIEM platforms (ArcSight, Splunk, ES)
- In-depth knowledge in leveraging SIEM, Enterprise Detect & Response tools, and threat intelligence tools to perform threat hunting across a global enterprise.
- Intermediate knowledge of scripting and/or programming language
- Experience with threat management platforms (vulnerability management, threat intelligence etc)
Who You Are
- Motivated, high-potential performer, with demonstrated ability to influence and lead
- Strong communicator with excellent interpersonal skills
- Able to solve complex problems and successfully manage ambiguity and unexpected change
- Teachable and embracing of best practices and feedback as a means of continuous improvement
- Consistently high achiever marked by perseverance, humility and a positive outlook in the face of challenges
What We Offer
- In addition to an outstanding work environment with rapid advancement potential, Gartner associates enjoy exceptional compensation and benefits, including:
- An upbeat, positive culture. Integrity, objectivity, collaboration, results and a no-limits mindset are central to our values
- Limitless growth. We work with you to help you meet your goals and advance within the company
- Encouragement to be innovative and challenge status quo
- Exposure to industry-leading training and development
- Performance-based recognition and rewards
By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy
For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.