
Lead AppSec Engineer

Job in Stamford, Fairfield County, Connecticut, 06901, USA
Listing for: Gartner
Full Time position
Listed on 2026-06-05
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, Systems Engineer
Hiring near our Irving, TX and Stamford, CT Centers of Excellence with a flexible environment.

About Gartner IT:

Join a world-class team of skilled engineers who build creative digital solutions to support our colleagues and clients.  We make a broad organizational impact by delivering cutting-edge technology solutions that power Gartner.  Gartner IT values its culture of nonstop innovation, an outcome-driven approach to success, and the notion that great ideas can come from anyone on the team.

About the Role:

The Lead Security Engineer will be responsible for supporting Gartner's AppSec function. This individual will play an integral role in executing daily vulnerability assessment functions; working closely with Information Security partners and technology stakeholders to identify risks/vulnerabilities and collaborate with key stakeholders on remediation; developing and tracking risk/vulnerability remediation and prioritizing effort across our various business units; partnering to implement security tools, technologies and controls with an appropriate balance of security, business, and user experience, while providing education and training; and engineering automation solutions and/or security tool integrations to assist with day-to-day AppSec responsibilities.

What you'll do:

* Collaborate with business stakeholders to design secure applications, test applications for security weakness, and partner on remediation of identified issues.

* Mentor engineers and security champions on practical threat modeling techniques.

* Triage and prioritize security risks, vulnerabilities, and exceptions in alignment with business impact and risk tolerance.

* Coordinate the orchestration, automation, and management of security technologies and platforms.

* Own day-to-day life cycle management, including identification, threat assessment, threat modeling and risk avoidance.

* Create reasonable and actionable reports showing direct impact to the security posture.

* Define and implement meaningful metrics to measure the effectiveness of security controls through KRIs and security scorecards.

* Serve as a subject-matter expert for Application Security; act as a first point of contact for critical issues, security risk assessments and triaging CI/CD issues with partners and stakeholders.

* Evaluate business and technical requirements to identify and implement tools, processes, and technologies to improve our security posture in our environments.

* Use data to drive prioritization, highlight systemic issues, and influence roadmap decisions.

What you'll need:

Ideal candidates will have 6-8 years of experience in a Security Engineering role with proven experience in DevSecOps, Cloud Security, and Application Security. Candidates should have strong independent critical thinking, problem-solving skills, and the ability to consistently evaluate and pivot based on the current organizational priorities.

Must Have:

* Experience using vulnerability scanning technologies, AST platforms, and cloud security tooling.

* Formal experience with threat modeling.

* Experience leading projects, initiatives, and resources through direct and indirect leadership.

* Deep knowledge of assessing and prioritizing risk, with an ability to think like a bad actor and use that context to conduct threat models.

* Cloud experience (AWS, Azure, GCP).

* Infrastructure as Code (IaC) and Policy as Code (PaC) concepts.

Nice to Have:

* Familiarity with technical security controls, guidelines, and frameworks outlined by standards such as SOC2, ISO 27001/27013, NIST 800-53.

* Ability to automate tasks and code solutions to repetitive problems.

* Scripting or programming experience (Java, .NET, HTML, Ruby, PHP, Perl, C#, Python, JavaScript, PowerShell, Bash).

* Experience with penetration testing and web application assessment.

Who you are:

* Proven communication, collaboration, and critical thinking skills.

* Ability to build trusting, meaningful relationships with peers, stakeholders, partners and suppliers.

* Ability to define and communicate risk in a business-relevant language to both non-technical and technical audiences.

* Ability to apply expert knowledge to solve…