BASIC FUNCTION

The Application Security Engineer will be responsible for managing and executing security penetration tests against various Emerson computing platforms, applications, infrastructure and products. This position will coordinate with various Emerson Business Group information security and application leaders to provide timely security vulnerability assessments, reporting, guidance and assist with vulnerability remediation.

PRINCIPAL FUNCTIONAL RESPONSIBILITIES

Manage, coordinate and execute penetration and ethical hacking testing against Emerson's major computing environments.

Testing will include network, web, mobile and client server applications and Emerson commercial products.

Develop detailed vulnerability reports for application owners and management teams.

Conduct detailed penetration test report read-outs with application owners and management teams and provide remediation recommendations

Assist in the continuous service improvement of testing tools, methodologies and processes for penetration testing.

Help deliver new TVM security services to support our customers.

Review and maintenance of service documentation

Assist with application security standards and policy documentation

Assist in application security training and awareness

Assist in scoping of application security engagements

Support other TVM services such as Web and mobile vulnerability testing, Vulnerability response, Firewall rule reviews EDUCATION/LANGUAGE

A Bachelor's degree in Management Information Systems (or equivalent)

General knowledge of network and software design

Security+, preferred

Certified Ethical Hacker (CEH), preferred

Offensive Security Certified Professional (OSCP), preferred

Other security certifications: Systems Security Certified Practitioner (SSCP), preferred

EXPERIENCE/SKILLS

3- 5 years' experience performing network and application security testing

Working knowledge of software vulnerabilities (i.e., SQL Injection, XSS, buffer overflows)

Experienced in Network, Web and Mobile technologies and vulnerabilities

Familiarity with penetration testing tools such as Nessus vulnerability scanners, BurpSuite Pro, Metasploit, Kali Linux

Excellent organizational, analytical, verbal and written communication skills are essential

Strong customer service skills

Intermediate networking knowledge

Ability to test a variety of projects simultaneously and to learn new tools and security testing methodologies in a team-oriented environment

Background in application development is highly desirable