Security Engineer - Ii Job in Locus

Job Title: Security Engineer - II

Location: Bangalore (On-site; full-time)

About Locus:

At Locus, we are redefining logistics decision-making with deep-tech solutions that drive efficiency, consistency, and transparency across industries like retail and FMCG/CPG. Founded in 2015 by Nishith Rastogi and Geet Garg, Locus has evolved from a women s safety geo-tracking app into a globally recognized logistics optimization platform.

Our technology has empowered enterprises such as Unilever and Nestl to execute over a billion deliveries across 30+ countries. Guided by our commitment to innovation and sustainable growth, we transform complex supply chains into strategic growth enablers. Join us at Locus and be part of a team shaping the future of global logistics.

Job Overview:

Key Responsibilities:

• Conduct comprehensive threat modeling for applications, cloud infrastructure, and overall systems architecture.
• Perform secure code reviews and security assessments for web, Android, and iOS applications, with a strong focus on cloud infrastructure security.
• Proactively identify and mitigate vulnerabilities across platforms, collaborating with development and DevOps teams to implement secure solutions.
• Automate and streamline security processes, aligning with the principle that Complexity is the enemy of Security.
• Oversee Vulnerability Management and Patch Management processes, ensuring timely remediation.
• Design and implement robust security measures and contribute to Red Team activities, including assessments of cloud, network, wireless, physical, and social engineering scenarios.
• Take ownership of assigned tasks and drive the continuous improvement of security practices across the organization.
• Assist in setting up and maintaining monitoring systems to identify and respond to potential incidents in real time.
• Develop custom tools, scripts, and scanners to address unique security challenges and automate repetitive tasks.
• Provide architectural guidance for securing cloud-based applications and DevOps pipelines.
• Continuously stay updated on emerging security technologies and techniques, sharing knowledge with the team.

Qualifications:

• 3-5 yrs experienced Sr security engineer.
• Expertise in cloud security (AWS, Azure, or GCP) with a strong understanding of securing applications and infrastructure in cloud environments.
• Proficiency in DevOps and DevSecOps practices, including secure CI/CD pipeline integration and automation.
• Strong knowledge of OWASP and SANS testing methodologies for identifying and mitigating security vulnerabilities.
• Good understanding of software security weaknesses, architecture vulnerabilities, and mitigation strategies.
• Hands-on experience in threat modeling, vulnerability assessments, and penetration testing.
• Proficiency in any scripting language - Python.
• Experience in developing or customizing tools, scanners, or extenders for specific security needs.
• Ability to work independently and collaboratively within a team to solve complex security challenges.
• Experience in implementing security monitoring systems for early incident detection.
• Strong problem-solving skills and the ability to think creatively to simulate attack scenarios.
• Certification in security-related fields (e.g., AWS Certified Security, CISSP, CEH, OSCP).
• Experience with container security and orchestration platforms like Kubernetes and Docker.
• Knowledge of Infrastructure as Code (IaC) tools like Terraform or CloudFormation.
• Familiarity with modern DevOps tools (e.g., Jenkins, GitLab, Ansible).

What We Offer

Join Locus and become part of a visionary team that is redefining logistics through innovation and smart distribution. We provide competitive compensation, comprehensive benefits, and a collaborative environment where your expertise will drive both your growth and that of the organization.

Locus is an equal opportunity employer dedicated to creating a diverse and inclusive workplace.