Security Engineer

Job Description / Skills Required

Build the best:

Would you enjoy working on one of the biggest and fastest ad-engines in the marketplace?

We are already serving audiences in the hundreds of millions and processing tens of billions of requests per month, and as the demand for our services is expected to multiply, you will be challenged with: scaling accordingly, developing new components, and seamless implementations allowing for zero downtime. (You code with the confidence, speed, and steadiness of a world class surgeon!)

You will be part of the team that is responsible for the lifeblood of the YuMe platform, and have the opportunity to be a superhero in the world of high-volume, real-time, open-source systems.

Responsible building highly secured architecture and design solutions for complex environments
Executes and manages security assessment programs and processes for the proper risk and compliance analysis of systems, applications, infrastructure, databases
Delivers information security assessments, penetration tests and associated remediation. Integrate security testing and defect mitigation with all other technologies teams and standard infrastructure and security life cycle processes
Need to be energetic and provide innovative solution.
Will need to propose solution to enhance the current security system
Actively audit the quality of the code from a security perspective.
Work independently on the tasks, yet capable of mentoring a growing development team to support a highly-interactive, high-performance user experience and social networking environment.
A Typical work day of an Security Engineer
Work closely with PM Team to understand & analyze requirements
Create design documentation & review the same with the team
Collaborate with teams across geographies to finalize design documents
Create low level design & test case for the module/feature
Write code & work with version management tools
Own a feature/module & take it till go live
Should write & execute unit test cases
Should write & execute functional, integration test cases
Should write test cases for existing features (backlog)
Should contribute in code review & improve guideline documents
Should analyze & fix issues found post development
Actively contribute in supporting product on need basis
Participate in design review of other features
Needs to update & embrace self on latest happenings in the domain as well as the relevant technologies

Technical Skills
8+ years’ experience as a Java/J2EE developer
Should have experience on OWASP.
Deep specific knowledge of security vulnerabilities, threat analysis, and risk modeling
Previous experience with DRM, PCI compliance, public and symmetric-key cryptography, RSA,
Expertise in Linux, Spring, Hibernate, MySQL, and Tomcat
Should be expert in XSS, XSRF, SQL-Injection, etc
Should have worked on Internet technology like XML, XPath, WSDL, SOAP, and MTOM
Should be good at writing SQL scripts
The ability to work unassisted in Window and Linux environments

Education and Years of Experience
BS in Computer Science or technical degree (MS in Computer Science preferred)
8-10+ years of experience in engineering/security architecture roles.
Certifications (e.g. CISM, CISA, CISSP, GFCA, CCFE, CIPP) preferred
Expertise in application and database security.

YuMe is a leading independent provider of digital video brand advertising solutions. Its proprietary data-science driven technologies and large audience footprint drive inventory monetization and enable advertisers to reach targeted, brand receptive audiences across a wide range of Internet-connected devices. Designed to serve the specific needs of brand advertising, YuMe’s technology platform simplifies the complexities associated with delivering effective digital video advertising campaigns in today’s highly-fragmented market. YuMe (NYSE: YUME) is headquartered in Redwood City, CA with European headquarters in London and eight additional offices worldwide. This is a rare opportunity to be part of an organization that driving the shift of TV brand advertising to digital.


YuMe is currently NOT accepting resumes/applications from third party recruiting agencies. Any unsolicited resumes/applications will be deemed a gift and no fee shall be due to the agency.