Senior Application Security Engineer
Gatik
Who we are:
Gatik, the leader in autonomous middle mile logistics, delivers goods safely and efficiently using its fleet of light & medium-duty trucks. The company focuses on short-haul, B2B logistics for Fortune 500 customers including Kroger, Walmart, Tyson Foods, Loblaw, Pitney Bowes, Georgia-Pacific, and KBX, enabling them to optimize their hub-and-spoke supply chain operations and enhance service levels and product flow across multiple locations while reducing labor costs and meeting an unprecedented expectation for faster deliveries. Gatik’s Class 3-7 autonomous box trucks are commercially deployed in multiple markets including Texas, Arkansas, and Ontario, Canada.
About the role:
We're looking for a Senior Application Security Engineer who wants to work in a fast-paced, execution-oriented team. Gatik’s Fleet Management Software team is responsible for the design, development, deployment & maintenance of various applications in our product suite. These applications serve our customers and partners and provide seamless visibility into, and interaction with, our AV fleet that enables freight-only operations for unparalleled safety, efficiency, responsiveness, and reliability in middle-mile logistics.
What you'll do:
- Align Gatik's Software Development Life Cycle with security best practices, including conducting security assessments
- Coordinate with developers on all aspects of the SDLC, from planning, feasibility analysis, design, development, and testing to implementation and operations
- Conduct threat modeling, pen tests, code reviews and security reviews
- Conduct security assessments focused on cloud infrastructure (AWS, Azure or GCP)
- Identify and mitigate vulnerabilities in the application software and cloud infrastructure
- Mature Gatik's processes, practices and toolset
- Improve, develop, and maintain security documentation
- Assist teams in reproducing, triaging, and addressing application security vulnerabilities
- Provide product security guidance and architecture oversight, design reviews, and security feature roadmap collaboration
- Develop new security automation and tooling to improve our detection of application vulnerabilities, and to assist in the remediation of findings
- Conduct dynamic and static analysis
What we're looking for:
- Bachelor's Degree in Computer Science, Information Technology, Cyber Security, or related field of study
- 7+ years of industry experience in Application or Product security
- Strong expertise conducting DAST/SAST
- Strong understanding of web and mobile application security
- Strong knowledge of applied cryptography, TLS/SSL, web authentication protocols such as OAuth/SAML
- Strong knowledge of Cloud security architecture and automating security practices
- Experience securing applications built in Azure, AWS or GCP
- Strong knowledge of Containers and Orchestration technologies like Docker & Kubernetes
- Scripting experience in Python, Ruby, JavaScript or TypeScript
- Strong knowledge of security vulnerabilities, attack vectors, mitigation techniques, and best practices
- Strong knowledge of OWASP Top 10 vulnerability detection and mitigation
- Experience developing and operating cloud systems in Azure
More about Gatik:
- Tyson Foods Takes First Taste Of Autonomous With Gatik
- Forbes Cover featuring Gautam Narang 2023
- Gatik and Kroger multi-year commercial collaboration