Yodlee delivers innovative financial applications that make online banking more profitable. Yodlee's patented software solutions help consumers achieve greater financial awareness, control, and satisfaction through the online channel. Over 100 leading financial institutions and portals offer Yodlee-powered solutions to millions of consumers worldwide. A privately-held company, Yodlee investors include Accel, Institutional Venture Partners, S1 Corporation, and Warburg Pincus. Yodlee is headquartered in Redwood City, California.

This position has overall responsibility for security of Yodlee widget applications and products developed using Yodlee SDK. This position will perform penetration testing, code reviews and consults with internal development groups as well as external developer community/third party developers on many aspects of Yodlee's security architecture. This includes security at the coding, design and architectural level of products, specific programming methodologies, and analysis of finished products.

Responsibilities: * Overall responsibility for Yodlee's technical security posture for widgets from an architectural and applications perspective * Conduct in-house penetration testing and code-reviews on widget application developed by developer community/third party developers * SDK code reviews of external facing APIs * Consult with Product development, Operations and external developer community/third party developers on technical security issues and remediation

Requirements: * B.E Computer Science/Information Systems or related field * Must posses strong programming background * Expertise in Java, J2EE, Flex/Flash, SOAP and Java security technologies * Experience in secure application programming, code reviews, penetration testing with web based application * Experience is widgets coding and design a big plus * Experience in developing mobile apps a plus * Ability to work effectively with technical and non-technical personnel in a cross-functional setting * Lead implementation efforts of security initiatives and resolutions of any findings from internal or external assessments * Identify security risks and develop solutions to eliminate or minimize risks * Knowledge of software design, software and network architecture, protocols, and standards * Excellent verbal and written communication skills * CISSP certification desirable * Must be available on call 24x7 for security matters Experience: * 5+ years