Principal/Staff Enterprise Security Engineer
Who we are:
Founded in 2017, Gatik is the leader in autonomous middle mile logistics. We deliver goods safely and efficiently using medium duty trucks with a focus on short-haul, B2B logistics for Fortune 500 customers such as Walmart and Loblaw. Gatik enables our customers to optimize their hub-and-spoke operations, enhance service levels and product flow across multiple locations while reducing labor costs and meeting an unprecedented expectation for faster deliveries.
About the role:
Gatik is hiring a Staff/Principal Enterprise Security Engineer who will be responsible for the overall security of Gatik’s platform and products, corporate infrastructure, and IT systems. This individual will be tasked with developing and implementing security best practices and procedures, managing security risks, training, responding to security incidents, and building bleeding edge workplace tech and internal corporate systems, and ensuring compliance with relevant regulations.
This role is onsite 4 days a week at our Mountain View, CA office!
What you'll do:
- Develop and implement security policies and procedures for company products and corporate systems
- Work closely with and provide technical expertise to compliance, business units, and supporting departments in the implementation, certification, and maintenance of compliance standards (E.g., NIST CSF/800-171/CMMC, ISO 27001/ISO27701, SOX, PCI/DSS, GDPR, CCPA, etc.)
- Responsible for security operations, including threat prevention, detection, and incident response strategy to include a formalized incident response process, declaring security incidents, coordinating and assisting in the investigation of potential incidents, assisting in the recovery from attacks, coordinating with legal, compliance, and other stakeholders, law enforcement agencies (where applicable), and developing the post-response control strategy
- Develop and employ an ongoing information security communications, training, and awareness program tailored to the evolving needs of the business and the specific requirements of various user groups
- Collaborate cross-functionally, including with engineering, legal, product, and IT teams, to build and strengthen information security and privacy across our service and infrastructure
- Work with product development teams to lead threat models, security reviews accurate, actionable security insights and results
- Proactively manage security risks; Coordinate and oversee internal & external audits and assessments
- Report on security status to the CTO and other senior executives
- Establish Gatik as a trusted and secure platform for a growing customer base that includes many Fortune 500 companies; Support security reviews from new and existing customers; Represent the company to external security organizations
- Develop and maintain a comprehensive vendor risk management program; Identify and assess security risks associated with third-party vendors and service providers; Establish vendor security requirements and standards, conduct due diligence and implement processes for ongoing vendor security reviews and risk mitigation
What we're looking for:
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related technical field
- 8+ years of experience in a combination of information technology & security and IT risk management
- 2+ years of leadership experience in information security policy, standards, architecture, technology, and programs
- Experience with multiple Information Security domains, such as Infrastructure Vulnerability, Data Loss Prevention, End User Security, Network Security, Internet Security, Application Security, Cloud Security(AWS), Identity & Access Management, etc
- Experience with security products from a variety of vendors (firewalls, intrusion detection systems, vulnerability scanners, multi-factor/strong authentication technologies, SIEM, CASB, logging, penetration testing software, etc.)
- Knowledge and understanding of relevant legal and regulatory requirements, such as GDPR, SOX, PCI/DSS, ISO/IEC 27001, and NIST security principles
- Proven and demonstrated successful experience delivering results in the following areas of IT Security: Identity and Access Management (IM), Application, Cloud and Data Security, Information Governance Risk & Compliance (GRC), Security Operations
- Must have a track record of developing and implementing a comprehensive strategy and plan for managing information security
- Exceptional program and project management skills
- Strong written/oral communication skills required along with the desire and ability to communicate with business leaders at all levels of the organization
- Strong analytical and problem-solving skills
More about Gatik:
With headquarters in Mountain View, CA and offices in Canada, Texas, Louisiana and Arkansas, Gatik is establishing new standards of success for the autonomous trucking industry every day. Visit us at Gatik for more company information and Jobs @ Gatik for more open roles.
- The 10 most innovative companies in transportation of 2023
- America’s Best Startup Employers of 2023 by Forbes
- America’s Best Startup Employers of 2022 by Forbes
- Gatik been named as a 2023 FreightTech 25 winner!
- Gatik named a TIME Best Invention of 2022
- Apeksha Kumavat recognized on the Inc. 2022 Female Founders 100 List
- Gatik’s Gautam Narang on the importance of knowing your customer
- Gatik CEO Gautam Narang was Named Among the Most Exceptional Entrepreneurs of 2022 by Goldman Sachs
Taking care of our team:
At Gatik, we connect people of extraordinary talent and experience to an opportunity to create a more resilient supply chain and contribute to our environment’s sustainability. We are diverse in our backgrounds and perspectives yet united by a bold vision and shared commitment to our values. Our culture emphasizes the importance of collaboration, respect and agility.
We at Gatik strive to create a diverse and inclusive environment where everyone feels they have opportunities to succeed and grow because we know that together we can do great things. We are committed to an inclusive and diverse team. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.
Autonomous Delivery Network for the Middle Mile