AmbitionBox
Search
Jobs
- Reviews
- Salaries
- Interview Questions
- About Company
- Benefits
- Jobs
- Office Photos
- Community
Add office photos
All Filters
43 Reuters News Jobs
Senior Security Engineer
Reuters News
posted 3mon ago
Job Role Insights
Key skills for the job
Job Description
About the Role:
- Maintain enterprise best practice configurations guidelines for WAF usage across TR
- Develop maintain baseline WAF security rulesets based on vendor TR best practices
- Support application team WAF onboarding with rule deployments, log enrichment analysis, and rule recommendations based on analysis
- Consult with Cyber Defense (SOC, CIRT, Threat Detection) stakeholders to assist with operationalizing WAF alerting to SOC supporting runbook development
- Effectively communicate technical concepts to business lines and stakeholders
- Collaborate with other security and network engineers to support other network security related projects such as network IDS/IPS, network DLP, and SSL inspection
- Collaborate with ISRM stakeholders such as security architecture, product security, incident response, and threat detection to ensure services are meeting stakeholder expectations
- Consult with application teams on supporting development of rate limiting bot management rules
About you:
- Bachelor s degree preferred and/or 7+ years of relevant professional Network Security / Network Engineering experience
- Minimum of 5 years in network security with a strong focus on application layer security, with at least 2 years of working experience with WAF solutions
- Solid understanding of OWASP Top 10 and experience testing the most common injection vulnerabilities: Cross-site Scripting (XSS), XML External Entities (XXE), SQL Injection (SQLi), OS Command Injection.
- Understanding of Denial of Service (DoS) and Distributed DoS attacks at the Network, Transport and Application layer.
- Strong scripting and automation skills using languages such as Python and additionally Powershell
- Proven experience with maintaining enterprise WAF capabilities with providers such as Cloudflare, Mod Security or cloud native WAF services such as AWS WAF
- In-depth knowledge of security principles, protocols, and best practices.
- Proficient in analyzing large datasets using tools like Splunk, Datadog, or other SIEM/logging technologies
- Experience with cloud platforms such as AWS, Azure, Google Cloud, and/or OCI.
- Ability to work independently while driving projects to conclusion
Preferred Qualifications
- Experience testing less common injection vulnerabilities: Server-side Request Forgery (SSRF), Server Side Template Injection (SSTI), Insecure Deserialization, LDAP Injection, NoSQL Injection, Expression Language Injection.
- Experience with configuration management through git based source control
- Experience with Infrastructure as Code (IaC) such as Terraform, CloudFormation, ARM or Bicep.
- Experience with other network security technologies such as IDS/IPS, NextGen Firewalls, network DLP, and SSL inspection capabilities.
- Understanding of network transport protocols and services (TCP/IP, syslog, DNS, VLANs, VRF, SFTP, SSH, PKI, etc )
- Unix/Linux knowledge, can operate in a Linux environment
#LI-HS1
Whats in it For You
- Hybrid Work Model: We ve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected
- Wellbeing: Comprehensive benefit plans; flexible and supportive benefits for work-life balance: flexible vacation, two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, tuition reimbursement, and employee incentive programs; resources for mental, physical, and financial wellbeing.
- Culture: Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
- Learning Development: LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company; Ten Thousand Coffees Thomson Reuters caf networking.
- Social Impact: Ten employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social and Governance (ESG) initiatives for local and global impact.
- Purpose Driven Work: We have a superpower that we ve never talked about with as much pride as we should - we are one of the only companies on the planet that helps its customers pursue justice, truth and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world.
We help these professionals do their jobs better, creating more time for them to focus on the things that matter most: advising, advocating, negotiating, governing and informing.
Employment Type: Full Time, Permanent
Read full job description What people at Reuters News are saying
Reuters News Benefits
Gymnasium 
Cafeteria 
Work From Home 
Soft Skill Training 
International Relocation 
Compare Reuters News with
Accenture
Compare
Genpact
Compare
Infosys
Compare
Capgemini
Compare
Amazon
Compare
Cognizant
Compare
IBM
Compare
Wipro
Compare
Tech Mahindra
Compare
Deloitte
Compare
Teleperformance
Compare
HDFC Bank
Compare
Larsen & Toubro Limited
Compare
HCLTech
Compare
Bharti Airtel
Compare
iEnergizer
Compare
Axis Bank
Compare
Jio
Compare
TCS
Compare
HDB Financial Services
Compare
Similar Jobs for you
Assistant Manager Finance, Customer Markets
8-13 Yrs
Mumbai, Hyderabad / Secunderabad
Tax Analyst - UK Direct Tax (ATT CIOT Qualified)
0-3 Yrs
Mumbai, Hyderabad / Secunderabad
Data Analyst - Data Governance Enablement & Control
2-5 Yrs
Bangalore / Bengaluru
Share an Interview