About the job
This is a remote, Individual Contributor role
Are you passionate about software engineering security? Do you enjoy sharing your knowledge and experience with others? Do you desire to stay on the forefront of the latest trends and technologies in software engineering? Do you want to help companies get better at securing and developing software?
Gartner is hiring a Senior Research Director Analyst focusing on software engineering security technical challenges. We are seeking someone who is passionate about software engineering who has grown into the security related aspect of building and running software. Someone with hands-on technical expertise securing software delivery pipelines through concepts such as secure coding practices, DevSecOps, cloud-native security best practices, and most importantly, a strong desire to help others learn and improve how they securely build software.
We are looking to hire an experienced software security engineer to fill this role. Recent hands-on experience as a software engineer with a security scope of focus is required.
This senior research director role creates thought leading research for technical professionals around the world. You will publish original research, speak with clients directly, and present at global events and on-site for client engagements. You must be a life-long learner and versatile individual.
This is an individual contributor role as part of a collaborative team of experts in Gartner’s Software Engineering for Technical Professionals practice. Our practice provides the backbone for Gartner software engineering research by creating, identifying, influencing, and sharing best practices across the software design, build and run lifecycle.
In this role you will help shape the way that software is secured, developed and delivered by leading companies worldwide. You will use your expertise and the insights you gain during your Gartner career to guide architects, engineers and senior technologists across a wide range of industries, geographies and sizes. Conversely, our team will help you grow and expand your knowledge and expertise throughout your career at Gartner.
Gartner experts share our knowledge directly through published research, video calls with clients, and conferences worldwide. Responsibilities include:
- Developing thought-leading research
- Collaborating with your colleagues to advance technical research
- Contributing to research planning
- Engaging clients in video calls to advise on both strategic and tactical technology initiatives
- Supporting the Gartner sales team with virtual tech briefings and video calls with potential clients
- Delivering presentations at Gartner events and conferences
Specific Coverage, Scope and Role Requirements
Gartner is seeking a technical professional with practitioner level software engineering security knowledge and experience. The successful candidate has substantial and active expertise within their area of proficiency. Qualified candidates will demonstrate expertise across multiple of the following areas:
- 12+ years of practitioner (hands-on technical) experience within security related scope of modern software engineering and development processes.
- The successful candidate has a developer focused foundation, expanded into software engineering security with expertise in the following areas:
  - Hands-on experience with building and deploying applications using modern development languages, frameworks and platforms
  - Secure coding practices, standards and tools to validate code for security vulnerabilities
  - Expertise in assessing and mitigating security risks, for example the OWASP top 10 for Web Apps and APIs
  - DevSecOps enablement experience: Pipeline coverage related to securing software development processes, technologies and approaches in an agile, DevOps landscape
  - Experience conducting security review of web or mobile applications including code review
  - Experience with static code analysis tools to identify security vulnerabilities.
  - Securing cloud native applications (container scanning, secure cloud configuration and automation)
  - Knowledge of common vulnerability and exposure (CVE) response management in code (e.g. handling Log4J or other code/dependency triggered security incidents)
  - Experience conducting threat modeling to identify threats, attack vectors and attack surfaces within an application.
- Expertise and experience in the following areas is advantageous:
  - Identity and access management and its role in software engineering security (Azure AD, Amazon Web Services, LDAP, SAML, OAuth, OIDC, JWT)
  - Data security and privacy – encryption at rest approach, and in motion within the scope of software engineering efforts.
  - Software engineering security at the edge and basic knowledge of network security, cloud networking and software engineering security technology ecosystem – e.g. WAF, WAAP, API security, API Gateways, Application Gateways.
  - Experience with code signing and authentication
- Gartner technical professional analyst roles carry additional responsibilities and expectations:
- Candidates may come from an end user environment, software vendor in the product team, development team from a supplier organization, or a consulting background with relevant experience in this space.
- While hands-on technical knowledge and experience is critical, it is equally important that the successful candidate has the ability to see beyond design to meet business and commercial aims.
- Strong writing and research skills, coupled with strong analytical skills.
- Strong presentation skills, including small to large audiences (500+ people)
- Excellent collaboration skills, able to graciously give and receive constructive feedback
- Ability to take a position, based on facts, and support that position to clients, both external and internal, with clear analysis. Willingness to openly consider new information. i.e. “Strong opinions, weakly held.”
- Broad knowledge of industry trends and emerging technologies and practices.
- Ability to identify how changing technologies will impact technology choices.
- Ability to travel up to approximately 20% of the time, mostly within the region (EMEA/NA depending on home base), with some international travel.
Who are we?
Gartner delivers actionable, objective insight to executives and their teams. Our expert guidance and tools enable faster, smarter decisions and stronger performance on an organization’s most critical priorities. We’ve grown exponentially since our founding in 1979 and we’re proud to have nearly 16,000 associates globally that support our 14,000+ clients in more than 100 countries.
What makes Gartner a great place to work?
Our teams are composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations. We believe that a variety of experiences makes us stronger—as individuals, as communities and as an organization. That’s why we’re recognized worldwide as a great place to work year after year. We’ve been recognized by Fortune as one of the World’s Most Admired Companies, named a Best Place to Work for LGBTQ Equality by the Human Rights Campaign Corporate Equality Index and a Best Place to Work for Disability Inclusion by the Disability Equality Index. Looking for a place to turn your big ideas into reality? Join #LifeAtGartner
What we offer:
Our people are our most valuable asset, so we invest in them from Day 1. When you join our team, you’ll have access to a vast array of benefits to help you live your life well. These resources are designed to support your physical, financial and emotional well-being. We encourage continued personal and professional growth through ongoing learning and development opportunities. Our employee resource groups, charity match and volunteer programs keep you connected to your internal Gartner community and causes that matter to you.
Gartner believes in fair and equitable pay. Certain locations in the United States require job postings to include a reasonable estimate of the base salary range and/or a general description of benefits and other compensation applicable to the role.
For this role in those locations, the base salary range for new hires is:
- California Annualized Base Pay Range: 150,000 USD – 170,000 USD
- Colorado Annualized Base Pay Range: 150,000 USD – 170,000 USD
- New Jersey Annualized Base Pay Range: 150,000 USD – 170,000 USD
- New York Annualized Base Pay Range: 150,000 USD – 170,000 USD
- Washington Annualized Base Pay Range: 150,000 USD – 170,000 USD
Please note that actual salaries may vary within the range, or be above or below the range, based on factors including, but not limited to, education, training, experience, professional achievement, business need, and location. In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a role-based, uncapped sales incentive plan. Our talent acquisition team will provide the specific opportunity on our bonus or incentive programs to eligible candidates. We also offer market leading benefit programs including generous PTO, a 401k match up to $7,200 per year, the opportunity to purchase company stock at a discount, and more.
The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to affirmatively seek to advance the principles of equal employment opportunity.
Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability.
You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.
Job Requisition ID: 76127
By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy
For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.