The Application Security Engineer will be responsible for leading and managing existing Threat and Vulnerability Management (TVM) security service components which includes the following: Web and Mobile application security testing, enabling Web Application Firewall (WAF), performing analysis and driving remediation of Emerson’s external perimeter security gaps and weaknesses. In addition, this position will be responsible for reviewing and enforcing security requirements into projects and the Software Development Lifecycle (SDLC). Finally, the Application Security Engineer will also support vulnerability response byresponding to various security vulnerabilities to Emerson by identifying the vulnerability, determining the scope, impact and course of action to remediate.
The Application Security Engineer will interface with the Emerson Business Group information security and application leaders to provide timely security assessments, reporting, guidance and assist with remediation.
PRINCIPAL FUNCTIONAL RESPONSIBILITIES
Manage, coordinate and execute web and mobile application security assessments utilizing existing tools such as Whitehat.
Manage and drive remediation of perimeter security findings and vulnerabilities utilizing tools such as Bitsight and Security Scorecard to maintain a superior digital hygiene score.
Assist with vulnerability response by performing analysis, determining Enterprise scope, impact and remediation of identified ad hoc vulnerabilities.
Perform firewall rule and port request analysis, review and coordination.
Perform application analysis and define WAF Policies to mitigate application exploits
Support reviewing and enforcing security requirements with projects and the Software Development Lifecycle (SDLC).
Document standards and best practices for common web applications and infrastructure.
Assist in the continuous development and improvement of methodologies and processes for TVM service components.
Help deliver new security services to support our customers
Provide detailed communication, guidance and remediation support for our worldwide customers
Deliver detailed presentations and reports to Emerson management teams
Coordinate with various security vendors to support Threat and Vulnerability Management services consisting of web, mobile, penetration testing, vulnerability scanning and threat response
Develop and provide vulnerability reporting to customers and assist in remediation
Review and maintenance of service documentation
Track and manage vulnerabilities and remediation
Assist with application security standards and policy documentation
Assist in application security training and awareness
Assist in scoping of application security engagements