Security Engineer (Purple Team)

About Gartner IT:

Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients. We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner. Gartner IT values its culture of nonstop innovation an outcome-driven approach to success and the notion that great ideas can come from anyone on the team.

About the role:

This is a new role in the Security Analytics and Automation team within Gartners expanding Security Operations practice. As part of the team you will help enhance our capabilities to identify and validate vulnerabilities in Gartners security controls procedures and infrastructure.

As a Purple Team Engineer you will use your knowledge of attacker TTPs (red team) to improve our capability to detect and respond to threats (blue team).

You will play a key role in defending Gartners network and intellectual properties. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are a collaborative flexible group where good ideas are brought forth and acted upon whether they come from the most experienced or the newest members of the team.

What you will need:

• Previous experience conducting analysis and investigation of cybersecurity incidents

• Experience using SIEM or XDR for log analysis and alert creation

• Extensive experience utilizing security tools such as EDR (including live response) web proxy WAF and email security tools

• Experience with cloud environments (AWS Azure GCP)

• Digital Forensics and Incident Response (DFIR) skills

• Ability to query using various query languages such as SPL SQL KQL.

• Threat hunting experience preferred

• Ability to communicate effectively and possess excellent prioritization skills.

• Ability to automate tasks and code solutions to repetitive problems (Python PowerShell Bash)

• Previous red/purple team experience (practical or lab based) is a plus

What will you do:

• Develop new attack emulations based on use-cases and strategy drawing from threat intelligence and current events

• Review and tune existing emulations to ensure high-fidelity tests are conducted in a thoughtful manner which allows rapid identification of any gaps in controls

• Work closely with teams such as the Security Operations Center (SOC) Threat Intelligence and Detection Engineering to help identify gaps in existing controls

• Assist and support SOC analysts during ad-hoc Incident Response activities

• Utilize programming and scripting to automate workflows

• Conduct proactive Penetration Testing activities and offensive exercises

• Assist in the development of innovative and cutting-edge detection content aligned with ATT&CK Cyber Kill Chain and various other cybersecurity frameworks

• Bring your own ideas and solutions to a fast-paced growing and evolving team centered around operational excellence

• Effectively collaborate with team members spread across multiple geographies ensuring seamless communication and coordination for successful outcomes

Who you are

• Knowledge of MITRE ATT&CK Cyber Kill Chain or other behavioral information security frameworks.

• Familiarity with use of offensive techniques and tools

• Python Bash PowerShell or other programming/ scripting language experience

• 1-2 years of relevant Information Security or Penetration Testing experience

• Bachelors in Computer Science Information Security Engineering or commensurate experience in Information security is preferred

• Passion for security and solving tomorrows problems

• Willingness to learn new technology platforms

• Strong team player

• Innovation mindset Takes opportunities to make existing processes more efficient and thinks automation first

What will make you stand out:

• Penetration Testing skills

• Ability to find and solve problems.

• Experience implementing integrations between tools utilizing APIs

• Previous experience with Attack Emulation Platforms

• Custom scripting implementation or security tooling for Cloud Platforms (AWS Azure GCP)
  

Dont meet every single requirement We encourage you to apply anyway. You might just be the right candidate for this or other roles
#LI-NS4

Who are we

At Gartner Inc. (NYSE:IT) we guide the leaders who shape the world.

Our mission relies on expert analysis and bold ideas to deliver actionable objective business and technology insights helping enterprise leaders and their teams succeed with their mission-critical priorities.

Since our founding in 1979 weve grown to 20000 associates globally who support over 13000 client enterprises in 90 countries and territories. We do important interesting and substantive work that matters. Thats why we hire associates with the intellectual curiosity energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work

Our vast virtually untapped market potential offers limitless opportunities opportunities that may not even exist right now for you to grow professionally and flourish personally. How far you go is driven by your passion and performance.

We hire remarkable people who collaborate and win as a team. Together our singular unifying goal is to deliver results for our clients.

Our teams are inclusive and composed of individuals from different geographies cultures religions ethnicities races genders sexual orientations abilities and generations.

We invest in great leaders who bring out the best in you and the company enabling us to multiply our impact and results. This is why year after year we are recognized worldwide as a great place to work.

Gartner is the world authority on AI

At Gartner youll join a company at the very center of the AI revolution. Gartner has proactive objective guidance throughout clients AI journeys. We set the standard for how organizations leverage artificial intelligence to drive meaningful impact. Youll have access to unmatched resources expertise and technology and play a key role in helping Gartner and our clients innovate and grow as we leverage AI to transform business and technology landscapes.

Its an exciting time to be at Gartner with limitless opportunities to make a real impact grow your skills and build a lasting meaningful career in a field thats reshaping the way we operate. If youre passionate about AI and want to be part of a team thats guiding the leaders who shape the world Gartner is the place for you.

What do we offer

Gartner offers world-class benefits highly competitive compensation and disproportionate rewards for top performers.

In our hybrid work environment we provide the flexibility and support for you to thrive working virtually when its productive to do so and getting together with colleagues in a vibrant community that is purposeful engaging and inspiring.

Ready to grow your career with Gartner Join us.

The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race color creed religion sex sexual orientation gender identity marital status citizenship status age national origin ancestry disability veteran status or any other legally protected status and to seek to advance the principles of equal employment opportunity.

Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Companys career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at 1 or by sending an email to.

By submitting your information and application you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.

Gartner Applicant Privacy Link: efficient navigation through the application please only use the back button within the application not the back arrow within your browser.