Senior Application Security Engineer Mountain View, CA

Gatik, the leader in autonomous middle-mile logistics, is revolutionizing the B2B supply chain with its autonomous transportation-as-a-service (ATaaS) solution and prioritizing safe, consistent deliveries while streamlining freight movement by reducing congestion. The company focuses on short-haul, B2B logistics for Fortune 500 retailers and in 2021 launched the world’s first fully driverless commercial transportation service with Walmart. Gatik's Class 3-7 autonomous trucks are commercially deployed across major markets, including Texas, Arkansas, and Ontario, Canada, driving innovation in freight transportation.

The company's proprietary Level 4 autonomous technology, Gatik Carrier, is custom-built to transport freight safely and efficiently between pick-up and drop-off locations on the middle mile. With robust capabilities in both highway and urban environments, Gatik Carrier serves as an all-encompassing solution that integrates advanced software and hardware powering the fleet, facilitating effortless integration into customers' logistics operations.

We're looking for a Senior Application Security Engineer who wants to work in a fast-paced, execution-oriented team. Gatik’s Fleet Management Software team is responsible for the design, development, deployment & maintenance of various applications in our product suite that serve our customers and partners and provide seamless visibility into and interaction with our AV fleet that enables freight-only operations for unparalleled safety, efficiency, responsiveness, and reliability in middle-mile logistics.

This role is onsite 5 days a week at our Mountain View, CA office!

• Align Gatik's Software Development Life Cycle with security best practices: conducting security assessments
• Coordinate with developers on all aspects of SDLC through planning, feasibility analysis, design, development, testing to implementation and operations
• Conduct threat modeling, pen tests, code reviews and security reviews
• Conduct security assessment focused on Cloud infrastructure (AWS, Azure or GCP)
• Identify and Mitigate Vulnerabilities in the Application software and Cloud infrastructure
• Mature Gatik's processes, practices and toolset
• Improve, develop, and maintain security documentation
• Assist teams in reproducing, triaging, and addressing application security vulnerabilities
• Provide product security guidance and architecture oversight, design reviews, and security feature roadmap collaboration
• Develop new security automation and tooling to improve our detection of application vulnerabilities, and to assist in the remediation of findings
• Conduct Dynamic and static analysis

• Bachelor's Degree in Computer Science, Information Technology, Cyber Security, or related field of study
• 7+ years of industry experience in Application or Product security
• Strong expertise conducting DAST/SAST
• Strong understanding of web and mobile application security
• Strong knowledge of applied cryptography, TLS/SSL, web authentication protocols such as OAuth/SAML
• Strong knowledge of Cloud security architecture and automating security practices
• Experience securing applications built in Azure, AWS or GCP
• Strong knowledge of Containers and Orchestration technologies like Docker & Kubernetes
• Scripting experience in Python, Ruby, Javascript or Typescript
• Strong knowledge in security vulnerabilities, attack vectors, mitigation techniques, and best practices
• Strong knowledge of OWASP Top 10 vulnerability detection and mitigation
• Experience developing and operating cloud systems in Azure

At Gatik, we connect people of extraordinary talent and experience to an opportunity to create a more resilient supply chain and contribute to our environment’s sustainability. We are diverse in our backgrounds and perspectives yet united by a bold vision and shared commitment to our values. Our culture emphasizes the importance of collaboration, respect and agility.

We at Gatik strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that together we can do great things. We are committed to an inclusive and diverse team. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.