Upload Button Icon Add office photos
Premium Employer

i

This company page is being actively managed by Thomson Reuters Team. If you also belong to the team, you can get access from here

Thomson Reuters Verified Tick

Compare button icon Compare button icon Compare
filter salaries All Filters

42 Thomson Reuters Jobs

Thomson Reuters - Senior Security Engineer - WAF (7-10 yrs)

7-10 years

Thomson Reuters - Senior Security Engineer - WAF (7-10 yrs)

Thomson Reuters

posted 3d ago

Job Role Insights

Flexible timing

Job Description

Information Security and Risk Management (ISRM) organization is seeking a Senior Security Engineer to join our growing Security Engineering team. This candidate will join a team that manages our Web Application Firewall (WAF) solutions and network IDS/IPS, with a particular focus on the implementation of Cloudflare & cloud-native WAF services across our diverse public cloud estate.


About the Role :


In this opportunity as a Senior security Engineer, you will :


- Maintain enterprise best practice configurations & guidelines for WAF usage across TR


- Develop & maintain baseline WAF security rulesets based on vendor & TR best practices


- Support application team WAF onboarding with rule deployments, log enrichment & analysis, and rule recommendations based on analysis


- Consult with Cyber Defense (SOC, CIRT, Threat Detection) stakeholders to assist with operationalizing WAF alerting to SOC & supporting runbook development


- Effectively communicate technical concepts to business lines and stakeholders


- Collaborate with other security and network engineers to support other network security related projects such as network IDS/IPS, network DLP, and SSL inspection


- Collaborate with ISRM stakeholders such as security architecture, product security, incident response, and threat detection to ensure services are meeting stakeholder expectations


- Consult with application teams on supporting development of rate limiting & bot management rules


About you :


- You're a fit for the role of Senior security Engineer if your background includes :


- Bachelors degree preferred and/or 7+ years of relevant professional Network Security / Network Engineering experience


- Minimum of 5 years in network security with a strong focus on application layer security, with at least 2 years of working experience with WAF solutions


- Solid understanding of OWASP Top 10 and experience testing the most common injection vulnerabilities : Cross-site Scripting (XSS), XML External Entities (XXE), SQL Injection (SQLi), OS Command Injection.


- Understanding of Denial of Service (DoS) and Distributed DoS attacks at the Network, Transport and Application layer.


- Strong scripting and automation skills using languages such as Python and additionally Powershell


- Proven experience with maintaining enterprise WAF capabilities with providers such as Cloudflare, Mod Security or cloud native WAF services such as AWS WAF


- In-depth knowledge of security principles, protocols, and best practices.


- Proficient in analyzing large datasets using tools like Splunk, Datadog, or other SIEM/logging technologies


- Experience with cloud platforms such as AWS, Azure, Google Cloud, and/or OCI.


- Ability to work independently while driving projects to conclusion


Preferred Qualifications :


- Experience testing less common injection vulnerabilities : Server-side Request Forgery (SSRF), Server Side


- Template Injection (SSTI), Insecure Deserialization, LDAP Injection, NoSQL Injection, Expression Language Injection.


- Experience with configuration management through git based source control


- Experience with Infrastructure as Code (IaC) such as Terraform, CloudFormation, ARM or Bicep.


- Experience with other network security technologies such as IDS/IPS, NextGen Firewalls, network DLP, and SSL inspection capabilities.


- Understanding of network transport protocols and services (TCP/IP, syslog, DNS, VLANs, VRF, SFTP, SSH, PKI, etc)


- Unix/Linux knowledge, can operate in a Linux environment


What's in it For You?


You will join our inclusive culture of world-class talent, where we are committed to your personal and professional growth through :


- Hybrid Work Model : Weve adopted a flexible hybrid working environment (2-3 days a week in the office depending on the role) for our office-based roles while delivering a seamless experience that is digitally and physically connected


- Wellbeing : Comprehensive benefit plans; flexible and supportive benefits for work-life balance : flexible vacation, two company-wide Mental Health Days Off; work from another location for up to a total of 8 weeks in a year, 4 of those weeks can be out of the country and the remaining in the country, Headspace app subscription; retirement, savings, tuition reimbursement, and employee incentive programs; resources for mental, physical, and financial wellbeing.


- Culture : Globally recognized and award-winning reputation for equality, diversity and inclusion, flexibility, work-life balance, and more.


- Learning & Development : LinkedIn Learning access; internal Talent Marketplace with opportunities to work on projects cross-company; Ten Thousand Coffees Thomson Reuters caf networking.


- Social Impact : Ten employee-driven Business Resource Groups; two paid volunteer days annually; Environmental, Social and Governance (ESG) initiatives for local and global impact.


- Purpose Driven Work : We have a superpower that weve never talked about with as much pride as we should we are one of the only companies on the planet that helps its customers pursue justice, truth and transparency. Together, with the professionals and institutions we serve, we help uphold the rule of law, turn the wheels of commerce, catch bad actors, report the facts, and provide trusted, unbiased information to people all over the world.


Functional Areas: Other

Read full job description

Prepare for Senior Security Engineer roles with real interview advice

What people at Thomson Reuters are saying

Senior Security Engineer salary at Thomson Reuters

reported by 7 employees with 4-5 years exp.
₹17.9 L/yr - ₹29.6 L/yr
62% more than the average Senior Security Engineer Salary in India
View more details

What Thomson Reuters employees are saying about work life

based on 1.6k employees
72%
88%
77%
86%
Flexible timing
Monday to Friday
No travel
Day Shift
View more insights

Thomson Reuters Benefits

Submitted by Company
Hybrid Work Environment
Wellbeing and Mental Health
Flex My Way
Career Development and Growth
Submitted by Employees
Free Transport
Cafeteria
Health Insurance
Work From Home
Job Training
Soft Skill Training +6 more
View more benefits

Compare Thomson Reuters with

Bloomberg

3.4
Compare

S&P Global

4.1
Compare

FactSet

3.9
Compare

Morningstar

3.9
Compare

Moody's

4.1
Compare

Wolters Kluwer

3.9
Compare

Oracle

3.7
Compare

Amdocs

3.7
Compare

Automatic Data Processing (ADP)

4.0
Compare

24/7 Customer

3.5
Compare

NCR Voyix

3.9
Compare

Oracle Cerner

3.7
Compare

VMware Software

4.4
Compare

Adobe

3.9
Compare

Chetu

3.3
Compare

R Systems International

3.3
Compare

Dassault Systemes

4.0
Compare

Salesforce

4.0
Compare

Globant

3.8
Compare

Temenos

3.3
Compare

Similar Jobs for you

Automation at Housing.com

4-6 Yrs

₹ 20-25 LPA

Cyber Security Specialist at Xtranet Technologies Private Limited

7-8 Yrs

₹ 25-30 LPA

Web Application Firewall Engineer at CBRE

5-10 Yrs

₹ 11-35 LPA

Audit Analyst at Thomson Reuters International Services Pvt Ltd

7-10 Yrs

₹ 20-30 LPA

Senior Security Researcher at Cyble

7-10 Yrs

₹ 15-28 LPA

Threat Researcher at Crosstab

6-10 Yrs

₹ 12-32 LPA

Defence at Procallisto Solutions

3-8 Yrs

₹ 20-30 LPA

Cyber Security Specialist at Gurucul Soultions Pvt Ltd

7-10 Yrs

₹ 8-18 LPA

Cyber Security Architect at Mindteck (India) Ltd

7-10 Yrs

₹ 24-30 LPA

Security Operations Center Lead at LOCUZ ENTERPRISE SOLUTIONS PRIVATE LIMITED

6-10 Yrs

₹ 18-30 LPA

Thomson Reuters Mumbai Office Locations

View all
Mumbai Office
Thomson Reuters, Level 3, Tower II, Phase II, Raiaskaran Tech Park, Saki Naka, Andheri Kurla Rd Mumbai
Maharashtra 400072
Mumbai Office
Thomson Reuters, Piramal Towers, 'B' Wing 4th Floor, Peninsula Corporate Park Ganpatrao Rao Kadam, Lower Parel (W) Mumbai
Maharashtra 400013
write
Share an Interview