Sr Director, Analyst, Application Security Strategy (Remote EMEA/Canada)

What we are looking for:

Gartner is looking for an analyst to provide research and advisory services to global clients in the US, Canada, EMEA and beyond. You have experience as an Enterprise Application Security Leader, Application Leader, or IT Leader researching and advising on application security strategies or frameworks or application security consultant working with senior-most enterprise leadership.

Who you are:

The successful candidate will possess thought leadership and have extensive knowledge in working with Enterprise Application security strategies and leadership. Experience and understanding of creating Risk Assessments, Security Compliance, Security Reporting and Security Policy Development are preferred. You also have a strong sense of the application security challenges facing Application Leaders today.

Hot topics to discuss with Senior Leadership:

1. Why is it important to have a security compliance policy for Enterprise Application vendors to adhere to?
2. What are the benefits for a risk assessment program to evaluate Enterprise Application vendors?
3. How to develop metrics to measure success of an Application Security program?
4. Working with the Security Group, how to create an application security policy that achieves an enterprise's overall application and business strategies?

What you'll do:

You will work with a collaborative team of highly experienced analysts and advisors to build authoritative research and advice that directly addresses the priorities and challenges of clients aligned to Enterprise Application Leader.

This includes: research and represent thought leadership and advise Application leaders and Business Leaders and their leadership team on:

1. Working closely with the Enterprise Applications, Software Engineering, Enterprise Architect, CISO (chief information security officer) and CIO teams to create an overarching applications security strategy for organizations than spans multiple areas like ERP, CRM and Digital Workplace.
2. Developing security frameworks and templates that application leaders can use to create a business case to acquire new security applications and communicate the ROI of application security investments.
3. Providing thought leadership and a strong point of view on overarching megatrends and predictions impacting the security of all enterprise applications so to help organizations future proof their application strategy.
4. How to organize and lead application security teams (i.e., location of work, roles & responsibilities, operating model, organization design, evaluating application team performance, developing budget / finance).
5. Remain ahead of the curve on developments and issues within these specified areas as well as applicable adjacent areas of artificial intelligence (AI) and generative AI.
6. Deliver high quality actionable advice through face-to-face and video-based presentations and discussions with clients.
7. Write high quality, clear, actionable, advisory research documents.

What you'll need:

To thrive in this role, it helps if you are obsessed with your topic! Gartner analysts are correctly viewed as THE experts. This means you need to know your markets, vendors, trends, management practices, etc. and be able to see the forest and the trees.

1. 12+ years extensive knowledge in working with IT and business leaders on developing application security strategies with delivering business value (i.e., performance metrics, decision authority between the business and application teams, relationship management with the business, etc.).
2. Bachelor's degree preferred or equivalent experience.
3. Extensive knowledge in working with CIOs (or 'Heads of IT'), CISOs / Security Groups and business leaders on developing application security strategies with delivering business value (i.e., performance metrics, decision authority between the business and application teams, relationship management with the business, etc.).
4. Strong familiarity with creating Enterprise Application Security Roadmaps and Performance Metrics preferred.
5. An ability to articulate the role application security technology plays in delivering business value.
6. Experience in organizing and leading application security teams (i.e., location of work, roles & responsibilities, operating model, organization design, evaluating application team performance, budget / finance, relationships with Enterprise Architect and PMO teams, etc.).