Security Engineer (WAF) - Enterprise Security

Hiring near our US Centers of Excellence.Hybrid, flexible environmentIrving, TXGartner offers a hybrid, flexible environment, with remote work that allows associates great flexibility to work from home, and opportunities to connect with colleagues for moments that matter on-site. Candidates that apply should be located within a reasonable proximity to one of Gartner’s Centers of Excellence office locations.About Gartner IT:Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients. We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner. Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.About this roleGartner seeks a Security Engineer to join our top-tier Enterprise Security Team. You will be responsible for implementing and maintaining a robust security posture across Gartner's diverse technology landscape. Your expertise in security best practices, network security, data protection, and endpoint security will be essential in protecting Gartner's assets and ensuring the confidentiality, integrity, and availability of our information.What you will doOptimize security solutions that align with industry best practices and Gartner's specific needs.Design and implement security controls for cloud environments.Create, deploy, maintain and troubleshoot Web Application Firewalls (WAF) policies for new and existing web applications.Review vulnerabilities that impact web applications and develop WAF solutions.Stay abreast of the latest security technologies and trends to identify opportunities for enhancing Gartner's security controls.Review WAF usage and define means to improve and mature protection policies.Collaborate with cross-functional teams to assess security risks, identify vulnerabilities, and develop remediation plans.Understand web applications at a sufficient level to work with developers to implement protective controls that may need to be customized for specific applications.Develop and maintain comprehensive documentation of security processes, procedures, and configurations.Must haveProven experience as a security engineer working on IT security projects in a dynamic environment.Strong understanding of security principles, common attack vectors, and mitigation strategies.Experience network security, data protection, and endpoint security concepts.Experience with implementing security solutions across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP).A proactive and adaptable approach to problem-solving, with a focus on continuous improvement.Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle.Define key performance indicators (KPIs) and metrics across business units to illustrate effectiveness with WAF controls.Nice to have3-5 years’ experience in managing and deploying web application firewalls, application security, or information security administration.Experience with cloud infrastructure (IaaS) in Azure or AWS is highly desirable.Cloud Industry certifications (AZ500, AWS CSS, CCSK, etc.) are a plus.Strong scripting/development skills in languages like Python, PowerShell, etc.Who you areBachelor’s Degree (or Master’s Degree) in Computer Science, Information Security, or a related field.Excellent communication and interpersonal skills.Strong problem-solving and analytical abilities.Proven experience in implementing and managing security solutions in a corporate environment.Ability to work independently and collaboratively within a team.Results-oriented mindset with a focus on delivering high-quality solutions.Self-motivated and driven to stay updated with the latest security trends, technologies, and best practices.Detail-oriented with a passion for maintaining a high level of accuracy in security assessments and documentation.Strong commitment to professionalism, ethics, and maintaining the confidentiality of sensitive information.Ability to adapt to a fast-paced and ever-changing security landscape.What you will get:Competitive Compensation PackageOngoing mentorship and apprenticeship; Leadership courses, development programs, technical courses, certification opportunities and more!20+ PTO days plus holidays and floating holidays in your first yearExtensive Medical, Dental and Vision plansHybrid environment with flexibility, remote workParental leaveGartner Gives Charity MatchEmployee Assistance Program (EAP)Employee Stock Purchase PlanHealth and wellness related allowance programs401K with corporate match, immediate vestingCollaborative, team-oriented culture that embraces diversityProfessional development and unlimited growth opportunities

#J-18808-Ljbffr