As the AI platform for business transformation, we're putting AI to work across organizations — freeing people for work that matters. Making old tech work with new tech. Reaching across departments, from the front office to the back office and every office in between. Our ambition? To become the AI-defining enterprise software company of the 21st century (or "AI DESCO21C," as we like to call it). With 8,400+ customers, we serve approximately 90% of the Fortune 500®, and we're proud to be a Fortune 100 Best Companies to Work For® and World's Most Admired Companies™. Explore your future career with us: visit www.careers.servicenow.com.
From Fortune. ©2026 Fortune Media IP Limited. All rights reserved. Used under license.
Cybersecurity Incident Response Analyst
Location: United States
Posted: 2 days ago
Salary: $97.6K - $151.3K / year
Seniority: Mid Level
Job Description
ServiceNow
Role Description

IMPORTANT, PLEASE READ BEFORE APPLYING - Due to Federal requirements, only US citizens, US naturalized citizens or US Permanent Residents, holding a green card, will be considered.

The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact.

What you get to do in this role:
- Serve on the frontline of security operations, supporting both ServiceNow’s commercial customers and its federal environment.
- Monitor tools and systems that defend ServiceNow’s production and corporate environments.
- Define relationships between seemingly unrelated events through deductive reasoning.
- Continuously find ways to do things faster, better, and more effectively while maintaining a laser focus on quality.
- Work on a geographically diverse team to respond to threats against our infrastructure and track cases to closure.
- Participate in an on-call rotation including weekends to ensure timely response to priority incidents.
- Work weekend rotational shifts and hours (Pacific Time Zone) outside of standard business hours if necessary.

Qualifications
- Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving.
- 2+ years of related experience or equivalent combination of education and experience.
- Deep understanding of Security Operations Center and Security Incident Response Team protocols and procedures.
- A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
- Experience with SIEM platforms (e.g., Splunk) for log analysis and detection tuning.
- Familiarity with EDR tools for endpoint detection and response.
- Exposure to SOAR platforms for workflow automation and incident orchestration.
- Knowledge of cloud security concepts and experience working in cloud environments (AWS, Azure, or GCP).
- The ability to analyze event and system logs, perform forensic analysis, analyze malware, and process other incident response-related data as needed.
- Familiarity with intrusion detection systems.
- Understanding of Windows and Linux operating systems and command-line tools.
- Familiarity with scripting in any language.

Requirements
- Any cybersecurity or network related certifications (e.g., CCNA, CompTIA, GSEC, GCIH, CEH certifications) are a plus.
- ServiceNow platform knowledge is a plus.

Benefits
- Base pay of $97,600 - $151,300, plus equity (when applicable), variable/incentive compensation and benefits.
- Health plans, including flexible spending accounts.
- 401(k) Plan with company match.
- Employee Stock Purchase Plan (ESPP).
- Matching donations.
- Flexible time away plan and family leave programs.
More Security Operations Jobs
Senior Director Analyst - Security Operations, Threat Detection, Response and Automation
Gartner
We deliver actionable, objective insight that drives smarter decisions and stronger performance.
Locations: Remote - United Kingdom; Remote - Germany; Remote - Spain; Remote - Poland
Time type: Full time
Job requisition ID: 109383

What makes Gartner Research a GREAT fit for you?
- You are a team player who values expert insights, bold ideas and intellectual courage.
- You are always learning and looking to discover what’s next in technology.
- You believe that good technology needs to be balanced with good governance, planning and process.
- You pursue personal excellence through team collaboration and consensus.

If this describes you, Gartner is looking for you! Gartner is an upbeat culture based on collaboration, teamwork, integrity and objectivity that values creativity and innovation. As a Gartner analyst, you’ll not only help clients solve complex challenges and deliver on key initiatives, you’ll grow your career and the scope of your impact across industries. We work hard — and we reward success with exceptional opportunity.

About this role:
This role creates thought leading security operations, monitoring and vulnerability management research to our Gartner for Technical Professionals clients through published research, conversations with clients (Inquiry), stage presentations, teleconferences, and client meetings. It is important that you have a vision for how security operations, threat detection, response and automation will evolve worldwide and at a regional level.

What you’ll do:
As a Gartner analyst you will meet with clients every day: on the phone, in a video-conference, from the stage at a Gartner event or face-to-face during a sales support visit. In every client interaction analysts help clients solve difficult puzzles that lead to better performance. To support these conversations you will research technology, practices and trends and produce written research for Gartner clients to download and apply.
- Conduct research and analysis in specific areas of expertise targeting client’s key initiatives.
- Deliver high quality actionable advice through a variety of media.
- Write high quality, clear, actionable, advisory research documents.
- Remain ahead of the curve on developments and issues within these specified areas as well as applicable adjacent areas.
- Articulate and defend assigned topic positions during discussions, while demonstrating openness to reconsidering viewpoints and accepting consensus decisions.
- Respond to client questions, create materials for and deliver to clients in person, via teleconference, video conference or webinar and event presentations.
- Maintain Gartner’s industry leadership reputation by responding to press inquiries.
- Proactively work with the wider sales organization and deliver outstanding sales support to retain and grow the business.

What you’ll need:
It helps to be obsessed with your topic! Gartner analysts are correctly viewed as THE experts. This means you need to know your markets, vendors, trends, management practices, etc. and be able to see the forest and the trees. Most Gartner analysts have many years of experience and enjoy solving puzzles.
- Subject matter expertise in security operations, threat detection, incident response and automation technologies, with the ability to demonstrate understanding of the business requirements and opportunities in that market
- Knowledge of security information and event management (SIEM) systems
- Knowledge of threat detection sources that contribute and integrate into the SOC ecosystem and security platforms, like SIEM and security data lakes
- Knowledge of security operations in on-premises and cloud environments
- Knowledge of incident response and/or threat hunting processes and relevant technologies
- Knowledge of security operations center processes, metrics and reporting to both technical and executive audiences
- Knowledge of security automation solutions such as AI SOC agents and security automation features in platforms like SIEM
- Ability to mentor security staff at all levels for their role and personal development.
- Broad understanding of operational security internally and under a commercial framework.
- Knowledge of the global landscape, and the competitive interplay between incumbents, emerging providers, disruptors and outsourcers
- Demonstrated superior analytical skills, applying conceptual models, recognizing patterns while drawing and defending conclusions. Strong business and financial acumen as well as analytical skills are required for this position
- Articulate and succinct communication skills. Publishing and Speaking engagements an advantage
- Minimum of 7 years of experience in a security architect or security operations related role
- Bachelor's or equivalent experience, Master's degree preferred
- Ability to conduct occasional travel, regionally and globally
- Experienced public speaking and executive presence with security and business leaders

Who are we?
At Gartner, Inc. (NYSE:IT), we guide the leaders who shape the world.
Our mission relies on expert analysis and bold ideas to deliver actionable, objective business and technology insights, helping enterprise leaders and their teams succeed with their mission-critical priorities. Since our founding in 1979, we’ve grown to 20,000 associates globally who support over 13,000 client enterprises in ~90 countries and territories. We do important, interesting and substantive work that matters. That’s why we hire associates with the intellectual curiosity, energy and drive to want to make a difference. The bar is unapologetically high. So is the impact you can have here.

What makes Gartner a great place to work?
Our vast, virtually untapped market potential offers limitless opportunities – opportunities that may not even exist right now – for you to grow professionally and flourish personally. How far you go is driven by your passion and performance. We hire remarkable people who collaborate and win as a team. Together, our singular, unifying goal is to deliver results for our clients. Our teams are inclusive and composed of individuals from different geographies, cultures, religions, ethnicities, races, genders, sexual orientations, abilities and generations. We invest in great leaders who bring out the best in you and the company, enabling us to multiply our impact and results. This is why, year after year, we are recognized worldwide as a great place to work.

Gartner is the world authority on AI
At Gartner, you’ll join a company at the very center of the AI revolution. Gartner has proactive, objective guidance throughout clients’ AI journeys. We set the standard for how organizations leverage artificial intelligence to drive meaningful impact. You’ll have access to unmatched resources, expertise, and technology, and play a key role in helping Gartner and our clients innovate and grow as we leverage AI to transform business and technology landscapes.
It’s an exciting time to be at Gartner, with limitless opportunities to make a real impact, grow your skills, and build a lasting, meaningful career in a field that’s reshaping the way we operate. If you’re passionate about AI and want to be part of a team that’s guiding the leaders who shape the world, Gartner is the place for you.

What do we offer?
Gartner offers world-class benefits, highly competitive compensation and disproportionate rewards for top performers. In our hybrid work environment, we provide the flexibility and support for you to thrive — working virtually when it's productive to do so and getting together with colleagues in a vibrant community that is purposeful, engaging and inspiring. Ready to grow your career with Gartner? Join us.

The policy of Gartner is to provide equal employment opportunities to all applicants and employees without regard to race, color, creed, religion, sex, sexual orientation, gender identity, marital status, citizenship status, age, national origin, ancestry, disability, veteran status, or any other legally protected status and to seek to advance the principles of equal employment opportunity. Gartner is committed to being an Equal Opportunity Employer and offers opportunities to all job seekers, including job seekers with disabilities. If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access the Company’s career webpage as a result of your disability. You may request reasonable accommodations by calling Human Resources at +1 (203) 964-0096 or by sending an email to ApplicantAccommodations@gartner.com.

Job Requisition ID: 109383

By submitting your information and application, you confirm that you have read and agree to the country or regional recruitment notice linked below applicable to your place of residence.
Gartner Applicant Privacy Link: https://jobs.gartner.com/applicant-privacy-policy
Security Operations Analyst
Unqork
Unqork is a no-code computer software platform that is on a mission to reimagine the way businesses develop, launch, and manage enterprise-grade applications. As
• Security Monitoring & Alert Triage: Actively monitor SIEM, EDR/XDR, and other security tools to detect, analyze, and triage security alerts. Follow established playbooks to ensure timely and accurate initial response to potential threats.
• Process Efficiency & Automation: Utilize existing Security Orchestration, Automation, and Response (SOAR) platforms to handle alerts efficiently. Identify repetitive manual tasks and implement automations.
• SIEM & Detection Engineering: Integrate and set up the ingestion of log sources to a SIEM tool, including the normalization of fields and data. Create timely monitoring solutions for relevant threats based on active threat intelligence. Share responsibility for detection and log lifecycle / maintenance.
• Threat Intelligence: Consume and review daily threat intelligence feeds, security advisories, and industry alerts to ensure the company is protected against known Indicators of Compromise (IoCs) and emerging threat trends.
• IT Operations & Asset Security: Work closely with IT Operations to maintain accurate hardware and software asset inventories. Assist in deploying and troubleshooting endpoint security agents to ensure a secure baseline for all employee devices.
• Cross-Functional Technical Partnership: Collaborate extensively with resources in Engineering, Product, IT, and other departments to embed operational security requirements, influence architectural decisions for detectability, and foster a strong security culture. Serve as the primary security technical expert for these partnerships.
• Compliance & Operational Reporting: Assist in generating routine security metrics and operational reports. Help gather technical evidence to support adherence to security policies and compliance audits (e.g., SOC 2, ISO 27001).
• Analyze, classify and investigate security alerts, incidents and suspicious activity (L2/L3)
• Develop and optimize correlation rules, threat detection scenarios, dashboards, alerts and reports in the SIEM
• Integrate new log sources into the SIEM, and configure parsers and event normalization
• Develop use cases and incident response playbooks
• Work with the infrastructure and network teams
• Prepare incident reports, technical findings and recommendations
• Take part in PoC/Pilot evaluations of SIEM solutions, the assessment of new tools and the development of the SOC architecture
Project Manager – Security Operations
Turner & Townsend
A global consultancy business serving clients in the real estate, infrastructure and natural resources sectors.
• Act as the Physical Security Point of Contact for EV-charging projects
• Establish and maintain detailed project schedules.
• Ensure all security deliverables and installations align with the construction or project delivery timeline.
• Work closely with Security stakeholders to secure necessary approvals for designs, risk level identification, security guard planning, and hardware deviations.
• Manage project delivery across diverse sites within the US and EMEA regions.
• Proactively identify potential blockers and escalate issues to leadership with proposed solutions.
• Manage stakeholders including architects, engineers, and supply chain to deliver compliant projects.
• Production of formal project status reports and other reports as required.




