Corporate proxies are essentially an allowed MitM attack. The request is encrypted, but the company wants to decrypt it and make sure that there’s nothing bad in it before allowing you to have it. The proxy is terminating the SSL connection with services.gradle.org, then re-encrypting it with a self-signed certificate. This should fail in all other cases except this one where you are willing to trust the MitM (basically because you have to in order to access these from the company network).
Your company should be providing the certificate that they use to re-encrypt proxy traffic. This needs to be in your trust store as a trusted certificate (cacerts). It likely is for your browser, but maybe not your Java installation. This requirement is true for anything using Java and not specific to Gradle.
Alternatively, it is common for companies to run an artifact repository (such as Artifactory or Nexus) which can proxy these dependencies independently and with a valid certificate, not require any changes on your side other than specifying the alternate distribution URL.