Application Security Engineer

What We Do

Gecko Robotics is helping the world’s most important organizations ensure the availability, reliability, and sustainability of critical infrastructure. Gecko's complete and connected solutions combine wall-climbing robots, industry-leading sensors, and an AI-powered data platform to provide customers with a unique window into the current and future health of their physical assets. This enables real-time decision making to increase the efficiency and safety of operations, promote mission readiness, and protect the environment and civilization from the effects of infrastructure failure.  

Role at a Glance 

We are hiring an Application Security Engineer that will work collaboratively within the Software Platform team and with software engineers to embed the best security practices in Gecko’s  software development pipelines. Gecko is rooted in a fundamental question posed by our CEO and CoFounder, Jake Loosararian: “Why do you trust the infrastructure around you?” This core premise is not simply a question that Gecko answers for its customers, but a principle that we apply to Gecko’s internal infrastructure as well.  As such, Gecko is investing heavily in the security and stability of its software platform.  The Software Platform team’s purpose is to empower software engineers to create exceptional and secure products quickly, by making software effortless to build, deploy, and manage while maintaining a high degree of quality and security.  As Gecko’s business expands globally into multiple exciting verticals, so too does the complexity of our Cyber Security requirements.  

What you will do

• Security Assessments: Conduct Application Security Architecture reviews, drive regular security assessments, and support  penetration testing  on applications to identify vulnerabilities and security flawsSecurity Tools and Automation: Implement and manage Application Security tools and develop automation scripts to improve the efficiency of security processes
• Incident Response: Support SOC with incident response scenarios and post mortems as relevant
• Compliance:  Ensure applications comply with regulatory requirements and Gecko policies
• Threat Modeling (Risk Management): Categorizing assets, defining relevant threats, and implementing measures to mitigate or neutralize the risks
• Secure Development Lifecycle Integration: Work collaboratively with software developers to integrate security practices into the development lifecycle and provide expert guidance on how to mitigate security vulnerabilities.
• Training: Create training for developers in best practices for application security

Technologies We Use 

We use a variety of technologies, but we primarily operate using Python, React, and Typescript with Google Cloud Platform (GCP) as our cloud provider. This is a non-exhaustive list and we are tech agnostic in our interview process, so we encourage you to apply regardless of your background.

About You

• 3+ years of experience in application security or a related role
• Strong understanding of security protocols, cryptography, and application security frameworks (e.g., OWASP)
• Proficient in security testing tools (e.g., Burp Suite, OWASP ZAP) and methods.
• Experience with programming languages such as Java, Python, or C++
• Familiarity with various operating systems and datastores 
• Familiarity with Security Best Practices and frameworks (e.g. NIST, ISO27001, SOC 2)
• Experience with Cloud architectures and design patterns ( GCP experience is a plus)
• Bachelor’s in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience)
  
  

 NYC Pay Transparency Disclosure

Salary Range: $120,000.00 to $220,000.00 annually plus equity and perks.This salary range is based on the current available market data, and represents the expected salary range for this role. Gecko Robotics has minimal hierarchy and few titles, but has broad ranges of experience represented within roles. Should you have compensation expectations that exceed these bands, we'd love to hear from you and would welcome you to reach out to further discuss.

Who We Are

At Gecko, our people are our greatest investment. In addition to competitive compensation packages, we offer company equity, 401(k) matching, gender-neutral parental leave, full medical, dental, and vision insurance, mental health and wellness support, ongoing professional development, family planning assistance, and flexible paid time off. 

Gecko values collaboration, innovation, and partnership, and we believe we do our best work when we're together in person. We’re an office-first culture but understand that sometimes you may need to work from home. Many people are in the office five days a week, others need a bit more flexibility. Ultimately, we care about the outcomes we achieve - and creating a culture of autonomy and trust that enables that impact.

Gecko is committed to creating a culture of inclusion and belonging, and we are proud to be an equal opportunity employer.  We believe it is our collective responsibility to uphold these values and encourage candidates from all backgrounds to join us in our mission to protect today’s infrastructure and give form to tomorrow’s. All qualified applicants will be treated with respect and receive equal consideration for employment without regard to race, color, creed, religion, sex, gender identity, sexual orientation, national origin, disability, uniform service, veteran status, age, or any other protected characteristic per federal, state, or local law. If you are passionate about what you do and want to use your talents to support our critical mission, we’d love to hear from you.