Application Security Engineer III

Application Security Engineer III

»

Date:Apr 9, 2024

Location: REMOTE, REMOTE, US

Company: Leggett & Platt

We, at Leggett & Platt Inc., are searching for a(n) Application Security Engineer (WAF) within our Corporate ITteam to help support our strategic business objectives. As a global-diversified manufacturing company, it’s sometimes hard to explain all the different things we do. We like to say, “we’re the biggest company no one has ever heard of.” We are confident you interact with one of our products in your daily life without knowing it. Whether it’s the mattress you sleep on, the car you drive, the plane you fly on, or the furniture you sit on, our high-quality components are there supporting you. If you join our team, your work will ensure people across the world have a little more comfort in their lives.

As an Application Security Engineer, you will report to and partner with the Director of Security Engineering and will be a part of a fast-paced, results-driven, multi-national manufacturing organization . You will design, build, configure, deploy, and support the Web Application Firewall (WAF) and BOT mitigation policies for on premise and in the cloud WAF deployments.

So, what will you be doing as a(n) Application Security Engineer?

You will leverage your working experience with various WAF technologies, applying cybersecurity controls and working with various key partners in the organization to protect our internal and external applications. You’ll lead the application security protection program through technology, process improvements, documentation, partnerships, and execution.

Conduct a comprehensive assessment of the management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine the effectiveness of the controls.

Engineer, configure, deploy, and maintain Web Application Firewall solutions.

Configure new sites and applications for WAF protection and perform analysis of traffic to remove false positives.

Work with application developers and developer teams to analyze, prioritize, and support WAF configurations or application remediation to address security issues.

Develop, maintain, test, and troubleshoot WAF rules/signatures to mitigate threats and implements best practices.

Create and update documentation including security diagrams, policies, procedures, playbooks, and run books.

Develop automation for security tools management and workflow integration using, Jenkins, Terraform, ansible, bash, python, or other automation languages.

Perform root cause analysis on incidents, issues, and determine the proper course of action.

Update threat models based on WAF event patterns.

Analyze WAF traffic, network packet captures, and tuning rules or creating remediation action plans for the lines of business and respond to WAF events.

Supports and ensures stability of the WAF platforms.

Evaluate applications and determine if applications are in-scope for WAF.

To be successful in this role, you’ll need:

Bachelor’s degree or equivalent years (5-8+) as a WAF Security Engineer

Cybersecurity, privacy principles, threats, vulnerabilities, risk management, and IT security methods. (e.g., firewalls, demilitarized zones, encryption).

Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).

Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services (e.g., Microsoft Active Directory, LDAP, etc.)

Python/HTML/CSS/JavaScript

Basic understanding of OSI model and function

Configuring and optimizing software for on-premise or cloud solutions

Professional security certification desired (CISSP, CISM, CISA, etc.)

What to Do Next

Now that you’ve had a chance to learn more about us, what are you waiting for! Apply today and allow us the opportunity to learn more about you and the value you can bring to our team. Once you apply, be sure to create a profile, and sign up for job alerts, so you can be the first to know when new opportunities become available.

Our Values

Our values speak to our shared beliefs, and describe how we approach working together.

Put People First reflects our commitment to safety and care of each other, learning and development, and creating an inclusive environment of mutual respect, empathy and belonging.

Do the Right Thing focuses us on acting with honesty and integrity, delivering the results the right way, taking pride in our work, and speaking the truth – good or bad.

Do Great Work…Together occurs when we engage without hierarchy, collaborate as a team, embrace challenges, and work for the good of all of us.

Take Ownership and Raise the Bar demonstrates our responsibility to add value and make a difference, challenge the status quo and biases to make things better, foster innovative and creative solutions to drive impact, and explore new perspectives and embrace change.

Our Commitment to You

We're actively taking steps to make sure our culture is inclusive and that our processes and practices promote equity for all. Leggett & Platt is comprised of people of all abilities, gender identities and expressions, ages, ethnicities, sexual orientations, veteran status, and more. Join us!

We welcome and encourage applications if you meet the minimum qualifications. Even if you do not meet the preferred qualifications, we’d love the opportunity to consider you.

Equal Employment Opportunity/Affirmative Action/Veteran/Disability Employer

For more information about how we handle your personal data in connection with our recruiting processes, please refer to the Recruiting Privacy Notice on the “Privacy Notice” tab located at http://privacy.leggett.com

Job Segment: Manufacturing Engineer, Application Engineering, Engineer, Engineering

»