Senior Security Engineer

Job Title: Senior Security Engineer 

Location: Bangalore (On-site; full-time)

Battle-tested in 350+ deployments across 30+ countries, Locus is an agentic Transportation Management System for all-mile, all-channel, trusted by enterprises like Unilever, Nestlé, and Siam Makro.

The platform unifies orders, capacity, and carrier networks into one living plan, aligning planning, execution, and settlement so promises become proof. AI co-pilots with guardrails surface risk early and recommend the next best move to protect SLAs and reduce empty miles.

In 2025, Locus joined the Ingka Group (IKEA Retail) family, marking a major milestone in our journey. Backed by the scale and strength of IKEA, we continue to operate independently while accelerating our mission to make global supply chains faster, smarter, and more sustainable.

Our Journey and Impact

Since 2015, Locus has been on a mission to make logistics decision-making intelligent, sustainable, and real-world ready. Our platform has powered billions of deliveries across 30+ countries for global enterprises, driving measurable impact in cost savings, carbon reduction, and SLA performance. With the strength of the IKEA ecosystem behind us, we’re scaling that impact even further.

Our Global Footprint

Headquartered in Bangalore, with teams across the U.S., U.K., UAE, and Southeast Asia, Locus brings together 170 + engineers, designers, and problem-solvers united by a single goal: to reinvent how the world moves goods.

Traits We Value

We look for people who are:

● Global in mindset: curious about diverse markets and ideas.

● Unrelenting in drive: energized by complex challenges.

● Intelligent in approach: analytical, creative, and thoughtful.

● Dynamic in execution: adaptive and decisive in fast-moving contexts.

● Exact in craft: detail-oriented and committed to excellence.

Job Overview:We are looking for a Senior Security Engineer  to design and scale security across cloud-native and DevSecOps environments.The role focuses on threat modeling, security architecture, and detection engineering across applications, infrastructure, and CI/CD pipelines. You will work closely with engineering teams to embed secure-by-design practices and reduce risk through automation.

• Lead threat modeling and security design reviews for applications, cloud infrastructure, and system architectures.

  
  

• Drive DevSecOps security controls across CI/CD pipelines, including SAST, DAST, SCA, secrets scanning, and IaC security.

  
  

• Provide architectural guidance for securing cloud-native applications, Kubernetes clusters, and DevOps workflows.

  
  

• Design, implement, and continuously improve security detections, alerts, and monitoring use cases across cloud, application, and infrastructure layers.

  
  

• Work closely with engineering and DevOps teams to identify, prioritize, and remediate vulnerabilities efficiently.

  
  

• Own and improve Vulnerability Management and Patch Management processes, focusing on risk-based prioritization.

  
  

• Develop and maintain custom tools, scripts, and automation to reduce manual security effort and improve coverage.

  
  

• Contribute to offensive security activities such as cloud security assessments, configuration reviews, and controlled red-team style exercises.

  
  

• Assist in incident detection and response, including alert triage, investigation, and post-incident improvements.

  
  

• Promote secure-by-design practices with the mindset that “Complexity is the enemy of Security.”

  
  

• Stay current with emerging attack techniques, cloud security risks, and detection strategies, sharing knowledge with the team.

  
  

• Strong expertise in cloud security (AWS, Azure, or GCP), including IAM, networking, logging, and workload security.

  
  

• Hands-on experience with Kubernetes and container security, including runtime protections and cluster hardening.