Lead Security Engineer (Offensive Security)

Hiring near our Irving, TX Center of Excellence with a flexible environment.

About Gartner IT :

Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients. We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner. Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.

About the role

Gartner information security teams are a group of passionate information security professionals dedicated to Protecting, Detecting, and Responding to threats. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are a collaborative group, where good ideas come together whether they come from the most experienced or the newest members of the team.

As a Lead Purple Team Engineer on the Security Operations team, you will spearhead collaborative offensive and defensive security initiatives to identify and validate vulnerabilities in Gartner's security controls, procedures and infrastructure. You will use your extensive knowledge of attacker tools and techniques (red team) to improve our capability to detect and respond to threats (blue team). You will play a key role in defending Gartner's network and intellectual properties. Our team is filled with lifelong learners who are consistently researching ways to better defend and stay ahead of the threats of tomorrow. We are a collaborative, flexible group, where good ideas are brought forth and acted upon, whether they come from the most experienced or the newest members of the team.

What you will do :

Lead Purple Team operations by designing, planning and executing purple team exercises and activities that simulate real-world attack scenarios to test and improve detection and response capabilities.

Work closely with teams such as the Security Operations Center (SOC), Threat Intelligence, and Detection Engineering to help identify and remediate gaps in existing controls

Develop new, and tune existing attack emulations based on use-cases and strategy, drawing from threat intelligence and current events

Play a key role in Threat Modeling exercises

Assist and support SOC analysts during ad-hoc Incident Response activities

Build and maintain tools and scripts to support purple team activities, including automation of attack simulations and telemetry analysis

Assist in the development of innovative and cutting-edge detection content aligned with ATT&CK, Cyber Kill Chain, and various other cyber security frameworks

Bring your own ideas and solutions to a fast-paced, growing, and evolving team centered around operational excellence

Act as a mentor to junior team members, promote knowledge sharing and contribute to the strategic direction of the Security Operations team.

What you will need :

5+ years of relevant Information Security or Penetration Testing experience

Deep understanding of offensive techniques and tools

Knowledge of MITRE ATT&CK, Cyber Kill Chain or other behavioral information security frameworks

Python, Bash, PowerShell or other scripting language experience

Bachelor's in Computer Science, Information Security, Engineering, or commensurate experience in Information security is preferred

Extensive experience in purple / red teaming with a strong technical foundation in offensive security and adversary emulation.

Ability to design, build and scale automated security validation processes

Experience with Attack Emulation Platforms

Background in cybersecurity incident analysis and investigation

Experience utilizing security tools such as EDR (including live response), web proxy, WAF and email security tools

Knowledge of cloud environments (AWS, Azure, GCP)

Digital Forensics and Incident Response (DFIR) skills

Ability to query using various query languages such as SPL, SQL, KQL

Ability to communicate effectively and possess excellent prioritization skills.

Ability to automate tasks and code solutions to repetitive problems (Python, PowerShell, Bash)

Nice to have :

Penetration Testing skills

Experience working closely with defenders / Blue Team to identify and resolve problems

Experience implementing integrations between tools utilizing APIs

Experience using SIEM or XDR for log analysis and alert creation

Relevant certifications such as OSCP are a plus

Threat Hunting experience

Who you are :

Passion for security and solving tomorrow's problems

Willingness to learn new technology platforms

Strong team player

Innovation mindset - Takes opportunities to make existing processes more efficient and thinks "automation first"

Don't meet every single requirement? We encourage you to apply anyway. You might just be the right candidate for this, or other roles!

What you will get :

Competitive compensation.

Limitless growth and learning opportunities.

Ongoing mentorship and apprenticeship; Leadership courses, development programs, technical courses, certification opportunities and more!

A collaborative and positive culture - join a diverse team of professionals that are as smart and driven as you.

A chance to make an impact - your work will contribute directly to our strategy.

Enjoy the flexibility of working from home and the energy of collaborating with peers in our dynamic offices.

20+ PTO days plus holidays and floating holidays in your first year.

Extensive medical, dental insurance and vision plan.

401K with corporate match, immediate vesting.

Health-and-wellness-related allowance programs.

Parental leave.

Tuition reimbursement.

Employee Stock Purchase Plan.

Employee Assistance Program.

Gartner Gives Charity Match.

And much more!

#LI-RG2

#LI-Hybrid

#LI-Technology

Who are we?

At Gartner, Inc. (NYSE : IT), we guide the leaders who shape the world.

Our mission relies on expert analysis and bold ideas to deliver actionable, objective business and technology insights, helping enterprise leaders and their teams succeed with their mission-critical priorities.

Since our founding in 1979, we've grown to 21,000 associates globally who support ~14,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That's why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work?

Our vast, virtually untapped market potential offers limitless opportunities - opportunities that may not even exist right now - for you to grow professionally and flourish personally. How far you go is driven by your passion and performance.

We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients.

Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations.

We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.

What do we offer?

Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers.

In our hybrid work environment, we provide the flexibility and support for you to thrive - working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring.

Ready to grow your career with Gartner? Join us.

Gartner believes in fair and equitable pay. A reasonable estimate of the base salary range for this role is 116,000 USD - 163,000 USD. Please note that actual salaries may vary within the range, or be above or below the range, based on factors including, but not limited to, education, training, experience, professional achievement, business need, and location. In addition to base salary, employees will participate in either an annual bonus plan based on company and individual performance, or a role-based, uncapped sales incentive plan. Our talent acquisition team will provide the specific opportunity on our bonus or incentive programs to eligible candidates. We also offer market leading benefit programs including generous PTO, a 401k match up to $7,200 per year, the opportunity to purchase company stock at a discount, and more.

The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity.

Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company's career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at or by sending an email .

Job Requisition ID : 103382

By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.

Gartner Applicant Privacy Link : applicant-privacy-policy

For efficient navigation through the application, please only use the back button within the application, not the back arrow within your browser.