Thomson Reuters
Thomson Reuters - Senior Security Engineer - WAF (7-10 yrs)
posted 3d ago
Flexible timing
The Information Security and Risk Management (ISRM) organization is seeking a Senior Security Engineer to join our growing Security Engineering team. This candidate will join a team that manages our Web Application Firewall (WAF) solutions and network IDS/IPS, with a particular focus on the implementation of Cloudflare & cloud-native WAF services across our diverse public cloud estate.
About the Role :
In this opportunity as a Senior Security Engineer, you will :
- Maintain enterprise best practice configurations & guidelines for WAF usage across TR
- Develop & maintain baseline WAF security rulesets based on vendor & TR best practices
- Support application team WAF onboarding with rule deployments, log enrichment & analysis, and rule recommendations based on analysis
- Consult with Cyber Defense (SOC, CIRT, Threat Detection) stakeholders to assist with operationalizing WAF alerting to SOC & supporting runbook development
- Effectively communicate technical concepts to business lines and stakeholders
- Collaborate with other security and network engineers to support other network security related projects such as network IDS/IPS, network DLP, and SSL inspection
- Collaborate with ISRM stakeholders such as security architecture, product security, incident response, and threat detection to ensure services are meeting stakeholder expectations
- Consult with application teams on supporting development of rate limiting & bot management rules
About you :
You're a fit for the role of Senior Security Engineer if your background includes :
- Bachelor's degree preferred and/or 7+ years of relevant professional Network Security / Network Engineering experience
- Minimum of 5 years in network security with a strong focus on application layer security, with at least 2 years of working experience with WAF solutions
- Solid understanding of OWASP Top 10 and experience testing the most common injection vulnerabilities : Cross-site Scripting (XSS), XML External Entities (XXE), SQL Injection (SQLi), OS Command Injection.
- Understanding of Denial of Service (DoS) and Distributed DoS attacks at the Network, Transport and Application layer.
- Strong scripting and automation skills using languages such as Python and additionally PowerShell
- Proven experience with maintaining enterprise WAF capabilities with providers such as Cloudflare, ModSecurity or cloud native WAF services such as AWS WAF
- In-depth knowledge of security principles, protocols, and best practices.
- Proficient in analyzing large datasets using tools like Splunk, Datadog, or other SIEM/logging technologies
- Experience with cloud platforms such as AWS, Azure, Google Cloud, and/or OCI.
- Ability to work independently while driving projects to conclusion
Preferred Qualifications :
- Experience testing less common injection vulnerabilities : Server-side Request Forgery (SSRF), Server Side Template Injection (SSTI), Insecure Deserialization, LDAP Injection, NoSQL Injection, Expression Language Injection.
- Experience with configuration management through git based source control
- Experience with Infrastructure as Code (IaC) such as Terraform, CloudFormation, ARM or Bicep.
- Experience with other network security technologies such as IDS/IPS, NextGen Firewalls, network DLP, and SSL inspection capabilities.
- Understanding of network transport protocols and services (TCP/IP, syslog, DNS, VLANs, VRF, SFTP, SSH, PKI, etc)
- Unix/Linux knowledge, can operate in a Linux environment
What's in it For You?
You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through :
- Hybrid Work Model : We've adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected
- Wellbeing : Comprehensive benefit plans; flexible and supportive benefits for work-life balance : flexible vacation, two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, tuition reimbursement, and employee incentive programs; resources for mental, physical, and financial wellbeing.
- Culture : Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.
- Learning & Development : LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company; Ten Thousand Coffees Thomson Reuters café networking.
- Social Impact : Ten employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social and Governance (ESG) initiatives for local and global impact.
- Purpose Driven Work : We have a superpower that we've never talked about with as much pride as we should: we are one of the only companies on the planet that helps its customers pursue justice, truth and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world.
Functional Areas: Other