Lead Security Analyst

at  Gartner

ABOUT THE ROLE:

This is a new role, created to support Gartner’s growing Security Operations team. As a Lead Security Analyst, you will be supporting the team in a multitude of disciplines, including Incident Response, Investigations, and various project efforts to uplift our capabilities. You will assist with
managing risk to Gartner’s reputation, customers and Information Technology by providing cyber security analysis and incident response expertise. You will play a key role in defending Gartner’s network and intellectual properties. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are also a collaborative, flexible group, where good ideas are brought forth and acted upon, whether they come from the most experienced or the newest members of the team.

WHAT YOU WILL DO:

• Conduct daily investigation of security events and incidents end to end.
• Serve as a subject matter expert in driving incident response and be the primary decision-maker for your geographic region, overseeing various aspects of rapid incident response measures.
• Provide detailed notes and reporting for all security events and incidents analyzed.
• Provide mentorship and guidance to the rest of the team.
• Regularly drive and participate in team uplift projects, enhancing or setting up new capabilities.
• Create runbooks and playbooks for repeatable tasks.
• Build and implement tools to automate security monitoring and tasks.
• Threat Hunting- Hunt for bad, misconfigurations, and other anomalous activity.
• Drive automation initiatives, enhancing analyst capabilities and workflows while eliminating monotonous tasks.
• Develop innovative and cutting-edge detection content aligned with ATT&CK, Cyber Kill Chain, and various other cyber security frameworks.
• Bring your own ideas and solutions to a fast-paced, growing, and evolving team centered around operational excellence.
• Provide rotational on-call support for weekend emergencies (rarely), ensuring uninterrupted security coverage and prompt incident response.
• Responsible for ensuring smooth handover processes to facilitate effective collaboration among team members located in various geographical locations, fostering seamless communication and coordination to achieve successful outcomes.
• Work closely with key stakeholders and cross functional BUs representing the SecOps team to identify, respond to, and remediate information security issues.