Sr. Security Engineer - U.S. Remote Opportunity
Company: Gartner
Location: Huntington
Posted on: June 6, 2021
|
|
|
Job Description:
Location: Remote - Texas What makes Gartner a GREAT fit for you? When you join Gartner,
you'll be part of a team with a no-limits mindset that helps the
world become smarter and more connected. We're the world's leading
research and advisory company that steers clients toward the right
decisions with business and technology insights they can't find
anywhere else. Our associates enjoy a collaborative work
environment with exceptional training and career development. If
you like working with a curious, supportive, high-performing team,
Gartner is the place for you. Interested in learning more, view and register for any of our
upcoming recruiting events here! The Senior Application Security Engineer will
be responsible for continuously improving and maintaining the
security of our applications. The ideal candidate will have
experience working in public and private-facing Cloud/On-Prem/SaaS
environments and collaborating with and advising the Product,
Development, and DevOps teams. Perform and manage manual and automated
vulnerability and penetration testing
program Conduct threat modeling of services and
applications that tie to the risk and data associated with the
service or application. Conduct security assessments of internal
systems, applications and IT infrastructure as part of the overall
risk management practice of the
organization. Work with developers to prioritize and
remediate identified security
vulnerabilities Build and automate secure SDLC controls and
best practices in an agile, CI/CD-focused
environment Work with Product and Engineering teams to help
design secure products Lead efforts to implement and maintain security
policies and remediation processes Balance security risk and product advancement
within the parameters of the business Perform proactive research to detect new attack
vectors Develop and maintain security architecture
artifacts (models, templates, standards and procedures) that can be
used to leverage security capabilities in projects and
operations. Conduct code reviews of applications to
determine security flaws or other issues that would impact the
confidentiality, integrity or availability of the
system. Take ownership of assignments & drive them to
completion. Work collaboratively across functional areas
for innovation to turn new ideas into
reality. Proven Communication, collaboration, and
critical thinking skills Experience with Application Security tools
(SAST,DAST,IAST,SCA..) Detailed understanding of common web
application architecture, deployment models and
components Have a knack for finding flaws in software and
can efficiently communicate how to fix them Proven ability to communicate and educate
engineering and architecture teams as to why security efforts are
necessary and add value Can think like an attacker and use that context
to develop threat models Demonstrable experience scripting with
languages like Python, PowerShell, bash, etc. to create and
automate security controls Familiarity with technical security controls,
guidelines, and frameworks outlined by standards such as SOC2, ISO
27001/27013, NIST 800-53 Documented experience and a strong working
knowledge of the methodologies to conduct threat-modeling exercises
on new applications and services Working knowledge of cloud technologies with
the ability to describe security concerns and what the impact might
be for an organization. Full-stack knowledge of IT
infrastructure: Applications Databases Operating systems (Windows, Unix and
Linux) Hypervisors IP networks (WAN, LAN) Preferred Technical and Professional
Expertise 3-6 years of experience in the design and
implementation of complex IT systems 3-5 years of experience in Information Security
and proven experience in application security, vulnerability and
patch management. Understanding and working experience with
cloud/server/container security tools Domain expertise in cloud network
infrastructure technologies. The security engineer will evidence his or her
knowledge of security and risk management through ongoing
continuing professional education. The ideal candidate will
maintain one or more of the following certifications. CISSP,CCSP,
AWS or Azure Security, CEH... By submitting your information and application, you
confirm that you have read and agree to the country or regional
recruitment notice linked below applicable to your place of
residence. Gartner Applicant Privacy Link:
https://jobs.gartner.com/applicant-privacy-policy For efficient navigation through the
application, please only use the back button within the
application, not the back arrow within your
browser.
Location: Remote - California
Location: Remote - Virginia
Sr. Security Engineer
(#54958)
Position Summary
Primary Responsibilities
Job Requirements
Education - Bachelor's or master's
degree in computer science, information systems, cybersecurity or a
related field.
Required Technical and Professional
Expertise
Required Certifications
Job Requisition ID:54958
Keywords: Gartner, Huntington , Sr. Security Engineer - U.S. Remote Opportunity, Other , Huntington, West Virginia
|
Click
here to apply!
|
