Job Description / Skills Required
Build the best:
Would you enjoy working on one of the biggest and fastest ad-engines in the marketplace?
We are already serving audiences in the hundreds of millions and processing tens of billions of requests per month, and as the demand for our services is expected to multiply, you will be challenged with: scaling accordingly, developing new components, and seamless implementations allowing for zero downtime. (You code with the confidence, speed, and steadiness of a world class surgeon!)
You will be part of the team that is responsible for the lifeblood of the YuMe platform, and have the opportunity to be a superhero in the world of high-volume, real-time, open-source systems.
Responsible building highly secured architecture and design solutions for complex environments
Executes and manages security assessment programs and processes for the proper risk and compliance analysis of systems, applications, infrastructure, databases
Delivers information security assessments, penetration tests and associated remediation. Integrate security testing and defect mitigation with all other technologies teams and standard infrastructure and security life cycle processes
Need to be energetic and provide innovative solution.
Will need to propose solution to enhance the current security system
Actively audit the quality of the code from a security perspective.
Work independently on the tasks, yet capable of mentoring a growing development team to support a highly-interactive, high-performance user experience and social networking environment.
A Typical work day of an Security Engineer
Work closely with PM Team to understand & analyze requirements
Create design documentation & review the same with the team
Collaborate with teams across geographies to finalize design documents
Create low level design & test case for the module/feature
Write code & work with version management tools
Own a feature/module & take it till go live
Should write & execute unit test cases
Should write & execute functional, integration test cases
Should write test cases for existing features (backlog)
Should contribute in code review & improve guideline documents
Should analyze & fix issues found post development
Actively contribute in supporting product on need basis
Participate in design review of other features
Needs to update & embrace self on latest happenings in the domain as well as the relevant technologies
8+ years’ experience as a Java/J2EE developer
Should have experience on OWASP.
Deep specific knowledge of security vulnerabilities, threat analysis, and risk modeling
Previous experience with DRM, PCI compliance, public and symmetric-key cryptography, RSA,
AES, PKI, SSL
Expertise in Linux, Spring, Hibernate, MySQL, and Tomcat
Should be expert in XSS, XSRF, SQL-Injection, etc
Should have worked on Internet technology like XML, XPath, WSDL, SOAP, and MTOM
Should be good at writing SQL scripts
The ability to work unassisted in Window and Linux environments
Education and Years of Experience
BS in Computer Science or technical degree (MS in Computer Science preferred)
8-10+ years of experience in engineering/security architecture roles.
Certifications (e.g. CISM, CISA, CISSP, GFCA, CCFE, CIPP) preferred
Expertise in application and database security.