Principal Analyst, Security and Risk

About the role

At Forrester, we're trusted to work on trailblazing, mission critical problems that business and technology leaders face today. That's why we're always looking to empower talented individuals to perform at their best every single day. We're proud of our community of smart people and vibrant voices who come together to do what's right by our clients and each other. Our success is driven by curiosity, courage and customer obsession. The confidence and drive to be bold at work. Join us and build an extraordinary future. About This Role: Forrester is currently looking for a Principal Analyst serving security and risk professionals primarily in APAC, but also globally. This position will conduct innovative research and deliver practical advice through written reports, presentations, tools and templates, video, inquiries, guidance sessions, and custom advisory for security and risk leaders. Our research is aimed at helping enterprise clients solve business problems and improve business results by applying principles and best practices. We also advise vendors on their strategies and roadmaps in line with our market insights and our recommendations for enterprise clients. This role will operate as a credible authority across multiple adjacent security domains and advise clients deeply in whichever one they need. Their coverage will include managed detection and response (MDR), Zero Trust architecture, and AI security (including risks in generative and agentic AI systems). The Principal Analyst will shape how security leaders adopt modern security practices and influence industry direction through research, client engagement, and market presence. They will help our clients implement effective, real-world security strategies, and grounding research in real-world implementation experience and constraints. This individual will serve CISOs, security and risk professionals, CIOs, CTOs, enterprise architecture professionals, and infrastructure and operations professionals. The successful candidate should be insatiably curious about emerging trends, and motivated to produce high-quality research. They are comfortable in guiding executives in their adoption of best practices, and have a deep understanding of how and desire to operate across geographies and business cultures. They will thrive on covering multiple areas rather than specializing narrowly. Job Description: The Security And Risk Principal Analyst in APAC works as part of a high-performing team and collaborates with others in all aspects of the job. They are expected to: Lead research in one primary domain (e.g., MDR, Zero Trust, or AI security), with the ability to expand coverage across adjacent domains over time. Customize the above research for clients in APAC, connecting it to our global research in these areas. Lead Forrester's evaluative research in managed detection and response in Asia Pacific. Balance domain leadership with broader coverage. Research and write multiple complex research reports per year that convey new security and risk ideas in a rich business context. These reports typically: 1) introduce new thinking about successful business, security, and technology strategies; 2) present organizational and technology implementation plans; 3) compare technologies or services (e.g., via a Forrester Wave™); or 4) predict emerging business opportunities. Research and continuously create intellectual property in the form of short written reports and analyses, video, tools and templates, blogs, etc. on security and risk technologies/services, industry events, predictions, and/or competitive market dynamics. Consult with APAC clients, and those around the globe to apply Forrester's research in the context of their specific business environment and help solve their problems through in-depth guidance sessions and advisory. Present at Forrester-sponsored and industry events and deliver client speeches and webinars. Establish an industry presence as an influential speaker and thinker and build relationships with senior security and risk professionals, the technology vendors that serve them, and the journalists who cover the sector. Participate in vendor briefings and field press inquiries. Develop a deep understanding of what Forrester clients require to be successful as security and risk leaders. Assist sales, customer success, and consulting with clients and prospects. Job Requirements: A strong record of academic achievement (BA or BS) or equivalent work experience. Proven experience in hands-on security and risk work, and ability to bridge strategy and execution. Experience in formulating strategy. Demonstrated ability in providing consultative advice to senior security and technology professionals. Strong foundation in one of security architecture (e.g., Zero Trust, identity, cloud security), or detection and response (e.g., MDR, SOC or incident response). Working knowledge across adjacent domains including identity, access control, d