Job Directory Principal Analyst, Security and Risk - Application Security

Principal Analyst, Security and Risk - Application Security
Cambridge, MA

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.


Job Description


Fuel your intellectual curiosity and professional growth. Forrester is an idea company, where smart, motivated, curious people bring a diversity of opinions and the courage of their convictions to collaborate on ideas that change the course of business. Most of all, bring a point of view; here, every voice has value. At Forrester, you'll work with innovative clients at emerging and established brands; these are the business and technology leaders we inspire and who inspire us. The Forrester experience is built on a singular, powerful purpose: to challenge thinking and lead change.

About This Role:

The Principal Analyst conducts innovative research and delivers advice through written reports, advisory, client inquiries, webinars, and event speeches. As part of Forrester's security and risk research team, the Principal Analyst will work with a team of analysts who research client initiatives related to all aspects of application security and secure application development. This individual's coverage will focus on helping clients transform their current software and application security practices to support continuous delivery and improvement across environments and hosting models, while focusing on strong partnerships with application development, operations, and business teams. This will include topics such as proactive security design, security testing in the software delivery life cycle, protection of applications in production environments, and remediation of hardware and software flaws.

The Principal Analyst serves security and risk professionals as well as Forrester clients in other roles, including CIOs, CTOs, enterprise architecture professionals, and application development and delivery professionals. The analyst should have a strong understanding of the most important security and risk trends as well as their business and technology implications. Knowledge of how these issues vary by industry - particularly government, healthcare, and financial services - is a plus. Finally, the Principal Analyst should have an appetite for conducting and writing research, be curious about new and emerging trends, and be comfortable guiding executives in their adoption of best practices.


The Principal Analyst works as part of a small high-performance team and collaborates with others in all aspects of the job. You are expected to:

* Develop a deep understanding of what Forrester clients require to be successful as security and risk leaders.
* Conduct research into key aspects of application security and secure application development.
* Help define the future of information security and risk management, including how these roles can work with other key business functions and support organizational success.
* Write four full research reports per year that convey new security and risk ideas in a rich business context. These reports typically: 1) introduce new thinking about successful business and technology strategies; 2) present organizational and technology implementation plans; 3) compare new technologies or services (e.g., via a Forrester Wave™); or 4) predict emerging business opportunities.
* Write at least eight short research briefs per year on security and risk technologies, industry events, predictions, and/or competitive market dynamics.
* Consult with clients to apply Forrester's research in the context of their specific business environment and help solve their problems through inquiry and advisory.
* Present at Forrester-sponsored and industry events and deliver client webinars.
* Establish an industry presence as an influential speaker and thinker and build relationships with Principal security and risk professionals, the technology vendors that serve them, and the journalists who cover the sector.
* Participate in vendor briefings and field press inquiries.


* A strong record of academic achievement (BA or BS) or equivalent experience.
* Proven experience in security and risk; candidates typically have formulated strategy or provided consultative advice to Principal security professionals.
* Deep intellectual curiosity about the effect of technology on the business landscape; solid business instincts; a practical understanding of how security and risk professionals operate; a creative view of markets, technologies, and attitudes; and a fascination with the future.
* Superior listening, critical thinking, and writing skills, as well as memorable presentation skills. Principal analysts are expected to take complex, disparate ideas and distill them into simple, provocative concepts - and be willing to take a stand on vendors and outcomes.
* The ability to travel 30% to 50% of the time.

Explore #ForresterLife on:







FLSA Status:


Forrester Research, Inc. is an Equal Opportunity/Affirmative Action Employer that is committed to equal employment opportunity for all qualified individuals without regard to race, color, religion, national origin, ancestry, sex, age, disability, sexual orientation, gender identity and expression, marital status, genetic information, military service, veteran status, or any other status protected by applicable law. Minorities, Women, Individuals with Disabilities, and Veterans are especially encouraged to apply.

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.