Job Closed

This listing is no longer active.

Gartner logo
Gartner

We deliver actionable, objective insight that drives smarter decisions and stronger performance.

Senior Director Analyst, Cybersecurity GRC, Risk & Governance

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 10,001+Since 1979H1B SponsorCompany SiteLinkedIn

Location

United States

Posted

112 days ago

Salary

$172K - $202.5K / year

Seniority

Senior

Bachelor Degree12 yrs expEnglishServiceNow

Job Description

Senior Director Analyst, Cybersecurity GRC, Risk & Governance

Gartner

• Create innovative, thought provoking, and highly leveraged “must-have insights” content • Develop new insights and ideas through thought leadership • Offer compelling, actionable approaches to client's needs • Develop in-depth analysis to identify root causes of client barriers • Demonstrate thought leadership in establishing Insights positions • Bring provocative, independent insights for research agenda evolution • Research, analyze and predict market trends for actionable insights • Create and deliver high value presentation materials for events and conferences • Provide sales support to drive engagement with clients • Actively participate in innovation and research discussions • Mentor junior team members and support workflow of others

Job Requirements

  • Bachelor's degree or equivalent experience; Graduate degree preferred
  • 12+ years of experience in Cyber GRC, Information Security, or Enterprise Risk Management, with at least 5 years in a leadership capacity
  • Expert on the identification, assessment, mitigation, and monitoring of cyber risks across the enterprise
  • Implement quantitative and qualitative risk analysis methodologies (e.g., FAIR, NIST RMF)
  • Experience leading cross-functional initiatives to embed cyber risk management into business processes
  • Experience developing and executing an organization’s Cyber GRC strategy
  • Ability to help clients ensure adherence to relevant regulations (e.g., GDPR, CCPA, HIPAA, PCI DSS, SOX, NIST, ISO 27001)
  • Lead audits, assessments, and remediation activities
  • Familiarity with Cyber GRC platforms such as ServiceNow, Drata, Archer, or MetricStream
  • Strong organizational skills; ability to work under tight deadlines
  • Strong written and verbal proficiency; ability to engage clients and respond effectively to questions
  • Proficient in analyzing and synthesizing data; apply patterns and frameworks while defending conclusions
  • Subject matter expertise; comfortable presenting at various speaking engagements
  • Ability to represent Gartner's research methodology and strategies effectively at all levels
  • Willingness and ability to travel up to 25% (where applicable).

Benefits

  • Generous PTO
  • 401k match up to $7,200 per year
  • Opportunity to purchase company stock at a discount
  • World-class benefits
  • Highly competitive compensation
  • Annual bonus plan or role-based sales incentive plan

Related Categories

Related Job Pages

More Security Engineer Jobs

Airwallex logo

Senior Product Security Engineer

Airwallex

Empowering businesses to grow beyond borders

Security Engineer113 days ago
Full TimeRemoteTeam 1,001-5,000Since 2015H1B Sponsor

About Airwallex Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide - including Brex, Rippling, Navan, Qantas, SHEIN and many more - with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us. Attributes We Value We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you're motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble and collaborative; turn zero-to-one ideas into real products, and you "get stuff done" end-to-end. You use AI to work smarter and solve problems faster. Here, you'll tackle complex, high-visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let's build what's next. Your role As a Senior Security Engineer at Airwallex, you will be a trusted member of the Information Security team and work closely with Infrastructure, Product and Engineering teams across the business. Reporting directly to the Product Security Engineering Manager, this role will see you being a critical part of Airwallex, helping to identify, protect, detect, respond and recover the organisation from cybersecurity threats. This is a dynamic and hands-on role that requires experience in designing, developing and managing infrastructure projects, processes and standards related to the security of our networks, systems and applications. What you'll be doing - Partner with other teams within Airwallex to analyse new or existing applications, software, or services and help drive security improvements. - Design, develop, test, and evaluate new security controls for a rapidly growing business. - Perform incident response and hunt through log sources to identify new threats. - Design and implement custom detection strategies and workflows to support the incident response lifecycle. - Analyse and develop integration, testing, operations, and maintenance of secure systems. - Use data collected from a variety of endpoint, network and cloud tools (e.g. EDR, authentication, firewalls, network traffic logs) to analyse, identify and mitigate threats. - Design, test, implement, deploy and maintain cybersecurity infrastructure projects. - Investigate, analyse and respond to cybersecurity incidents within the Airwallex environment. - Perform assessments of systems and networks to identify deviations in configurations and policies, identify vulnerabilities and support suitable mitigation and remediation. - Conduct collection, processing, and/or geolocation of threats in order to exploit, locate, and/or track cybersecurity threats infrastructure. - Perform network navigation, tactical forensic analysis, and defensive operations. - Identify, collect, examine, and preserve digital forensic evidence using analytical and investigative techniques. Minimum Qualifications (must-have) - 5+ years working in a security engineering or incident response role within a tech company - In depth experience with at least one major cloud platform - Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines - Comprehensive understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation - Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience - A passion for solving the complex challenges of high-growth startups - Self motivation and drive to learn new skills, or dive deeper into existing skills Highly Desired - Bachelor's degree in Cybersecurity, Computer Science or similar - Recognised training or cybersecurity certifications (eg OSCP, GIAC, CEH) - Strong experience with Splunk and other common security monitoring tools - Past DevOps/SRE experience with Kubernetes - Experience with GCP or Alibaba Cloud (with or without certification) - Experience with Okta, GSuite, and cloud-based VPN services - Experience with Python, Java/Kotlin - Published articles, journals or blogs related to cybersecurity Applicant Safety Policy: Fraud and Third-Party Recruiters To protect you from recruitment scams, please be aware that Airwallex will not ask for bank details, sensitive ID numbers (i.e. passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page. Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary. Equal opportunity Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know. #BI-Hybrid

California
Job Closed
Bechtel logo

Cybersecurity Business Information Security Officer

Bechtel

Bechtel, founded in 1898, is one of the world’s leading and most widely recognized construction, engineering, and project management firms. The company was fo

Security Engineer113 days ago

Serve as the primary cybersecurity risk advisor, ensuring proactive risk management and compliance with policies. Facilitate business alignment with cybersecurity objectives and provide leadership on risk posture and assurance outcomes.

Virginia + 1 moreAll locations: Virginia | Texas

Senior Cybersecurity Engineer

Warner Bros. Discovery

Warner Bros. Discovery (WBD) is a prominent global media and entertainment conglomerate, renowned for its expansive television, film, streaming, and gaming port

Security Engineer113 days ago

Title: Sr. Cybersecurity Engineer Location: MD Silver Spring 8403 Colesville Road Job Description: Welcome to Warner Bros. Discovery… the stuff dreams are made of. Who We Are… When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next… From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive. *Must be able to work a hybrid schedule (3 days onsite) out of our DC, Silver Spring, or Atlanta office.* The WBD Security Engineering team empowers the WBD Global Information and Content Security (GICS) teams by supporting the Security Engineering, Security Architecture, Threat Detection and Response, and other Security teams/functions through the deployment, management, and maintenance of shared, reliable, and extensible security platforms/systems. The Sr. Cybersecurity Engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. The ideal candidate will be responsible for the design, implementation, and management of Splunk infrastructure, ensuring high performance, availability, and scalability. This role will require deep technical expertise in Splunk as well as the ability to work collaboratively with other teams to integrate Splunk into various IT and security systems. An ideal candidate is expected to: - Plan, design, engineer and implement security-related technologies - Identify and communicate opportunities to enhance the security posture ofWBD. - Build and / or manageenterprise security platforms effectively(mainly Splunk and SOAR). Splunk Focused Responsibilities: Design and Architecture: Lead the design, deployment, and maintenance of Splunk infrastructure across multiple environments Develop and implement best practices for scaling and optimizing Splunk deployments. Architect complex Splunk solutions tailored to the organization’s needs, ensuring data integrity and optimal performance. Data Ingestion and Management: Integrate and ingest data from various sources (applications, network devices, security tools) into Splunk, ensuring data normalization and enrichment. Create and manage data models, field extractions, lookups, and accelerations. Dashboard and Alerting: Design, develop, and maintain custom dashboards, reports, and alerts for different stakeholders (IT, Security, Compliance). Implement real-time monitoring and alerting solutions to detect and respond to critical incidents. Security and Compliance: Work closely with the Security Operations Center (SOC) to support security monitoring, threat detection, and incident response efforts. Ensure Splunk deployments meet compliance requirements and are aligned with industry standards (e.g., PCI, HIPAA, GDPR). Collaboration and Support: Collaborate with cross-functional teams (developers, network engineers, security analysts) to ensure seamless integration of Splunk with other systems. Provide mentoring and training to junior Splunk engineers and other IT staff. Troubleshoot and resolve complex Splunk-related issues, ensuring minimal downtime and service disruption. Automation and Scripting: Develop scripts and automation tools to streamline Splunk administration, data ingestion, and reporting tasks. Utilize Splunk’s REST API for advanced integrations and custom solutions. Documentation and Reporting: Maintain detailed documentation of Splunk architecture, configurations, processes, and procedures. Generate periodic reports on Splunk performance, usage, and incidents for management review. Role Accountabilities: - Plan, design, engineer and implement security-related technologies - Understanding technical security issues, their implications within WBD business units and able to effectively communicate them to management and other business leaders. - Configure, troubleshoot, and maintain Splunk infrastructure - Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement. - Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals - Research and explore emerging security technologies and determine their appropriate use within the company. - Prepare, document, and create standard operating procedures and protocols. - Cross-train and mentor other team members as needed. Qualifications & Experiences: - A minimum of 5+ years of hands-on experience in building, designing, and maintaining enterprise security tools such as SIEM and SOAR. - Minimum of 5 years of experience working with Splunk in a large-scale environment. - Proven experience in designing and managing Splunk Enterprise, and Splunk Cloud - 5+ years of successfully implementing advanced cyber security technology in a complex environment - Bachelor's degree in computer science, engineering, or other related discipline or 5+ years of previous technical security experience - Strong knowledge of Splunk SPL (Search Processing Language) and regular expressions - Experience with cloud platforms (AWS, Azure, GCP) and their integration with Splunk. - Hands on technical experience with networking and computing system architectures, specifically, the security aspects thereof. - Hands on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews. - Must have 5+ scripting experience (using Python or other equivalent languages) Not required but preferred experience: - Security and Cloud certifications are a plus. (CISSP, etc.) - Splunk Advance certification (Splunk Cloud Certified Admin, Enterprise Certified Admin, Enterprise Certified Architect, etc.) is a plus. Championing Inclusion at WBD Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law. If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request. In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery’s total compensation package for employees. Pay Range: $121,100.00 - $224,900.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.

Maryland + 2 moreAll locations: Maryland | Georgia | District Of Columbia
$121.1K - $224.9K / year
Job Closed
admeritia GmbH logo

Management Consultant, Security – Regulatory Affairs

admeritia GmbH

Securing technology – empowering humans – You have security questions? https://calendly.com/frag-deinen-berater/15min

Security Engineer113 days ago
Full TimeRemoteTeam 11-50Since 2004H1B No Sponsor

• Coordinate program-level projects and maintain coherence across our clients' workstreams and internal client development • Identify issues and develop solutions • Provide subject-matter problem solving in the regulatory context

Germany