This website uses cookies to ensure you get the best experience.

One Click LCA and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Youtube
Skip to main content
One Click LCA career site
Software development · India · Fully Remote

Security Engineer (Offensive Ops & Automation) for a Sustainability SaaS

One Click LCA is decarbonizing the global construction industry and handling massive datasets and critical BIM integrations. We are looking for a Security Engineer who thinks like a hacker and builds like an engineer. This is a hands-on, deeply technical role, and not a compliance or audit position. We need a practitioner who can design and implement an automated, resilient, defence-in-depth security architecture that scales with our global footprint.

Our technology powers the makers of a zero-carbon future

One Click LCA is a fast-growing and profitable Software-as-a-Service (SaaS) growth company. Used in 170+ countries, leading end-to-end sustainability platform for construction and manufacturing. The AI-powered software decarbonises and drives sustainability across the construction value chain with scientific, easy-to-use, automated life-cycle assessment (LCA) and environmental product declarations (EPDs) to calculate and reduce the environmental impacts of building, infrastructure, and renovation projects and products.

You will join a supportive, effective, and mission-oriented team in a flexible, friendly and international work environment and have a great deal of autonomy in your role.

This full-time, permanent position is available on a remote basis for candidates based in India.

What you will do:

  • Continuous Offensive Ops: Conduct deep-dive manual penetration tests on our AWS-native stack and APIs, then automate those exploits into continuous security tests.

  • Security as Code: Own the security layer of our pipelines. Implement and tune SAST/DAST/SCA to ensure high-signal, automated gating.

  • Direct Remediation: You have push rights. You will collaborate with developers to fix vulnerabilities at the source or refactor insecure Infrastructure as Code.

  • Cloud Hardening: Architect and enforce security boundaries across AWS (and Azure) using IAM policy-as-code and automated guardrails.

Your technical profile:

  • The Mindset: You are a builder who thinks like an attacker. You have likely hunted bugs, competed in CTFs, or built your own security tools.

  • AWS Mastery: Deep experience securing AWS environments. Familiarity with Azure is a strong plus.

  • Automation/DevSecOps: Proficient in Python and Java, and good knowledge of Terraform, GitHub Actions, and Code quality tools, e.g., SonarQube.

  • Exploitation Skills: Expert knowledge of web/API vulnerabilities (OWASP Top 10) and the ability to demonstrate manual exploitation before automating the detection.

Why One Click LCA:

  • High Agency: This is an engineering role, not management. You define the tools and the strategy.

  • Push Access: You are not just filing tickets; you are shipping secure code.

  • Purpose: Protect the data that is actively fighting climate change.

  • Modern Stack: Cloud-native and high-growth.

  • Work in a growing business that helps bring about a zero-carbon future

  • Competitive compensation and opportunity for professional development

Interested?

We are eager to receive your application by 16 January 2026. Applications are reviewed on reception, so please apply swiftly.

Department
Software development
Locations
India
Remote status
Fully Remote

How do we do this

We train, equip and support the makers of a zero-carbon future to tackle low-carbon design, planning, manufacturing, and procurement using life-cycle assessment to achieve zero.

This is how we do it:

  • We train everyone in the world to life-cycle assessment via One Click LCA Academy for free.

  • We provide software tools to decarbonize any project or product anywhere in the world.

  • We create free resources and policy tools to power all the makers of zero-carbon future.

  • We aim to power one million users by 2035.

How we live our purpose in our work

Maximizing our decarbonization impacts

  • We’re training tens of thousands of people for free annually via One Click LCA Academy.

  • We provide One Click LCA Planetary, a free embodied carbon software for everyone.

  • We author free policy papers and best practice guidelines for governments and businesses.
  • Supporting decarbonization outside our direct business

  • We invested over 150 000 EUR in the creation of a surplus construction materials marketplace business to reduce site wastage and advanced regulations supporting this activity.

  • We have invested 150 000 EUR in the construction of new primary wind power in Finland.

  • We donate annually to a number of sustainability NGOs in line with our mission.

Minimizing our internal carbon impacts

  • We’re a proud signatory of the World Green Building Council Net Zero commitment and shall achieve zero carbon facilities by 2030.

  • We’ve invested in primary wind power generation capacity to power our entire operations.

  • We minimize travel emissions by supporting remote work and encouraging public transport.

  • We do not serve meat in any company events or dinners and use plant-based milk.

  • We operate a paperless business.

Company culture

  • We have a very supportive, highly expert, and friendly team of colleagues.

  • We leave staff a great deal of autonomy & freedom; you can get done what needs to get done.

  • We have a low hierarchy and support an open flow of information.

  • Our team is highly international and represents well over 20 nationalities.

  • We work on the same mission together with our customers to create a zero-carbon future.

Join a supportive, effective and mission-oriented team

Work with cutting edge tools and a team of world-class professionals and leading organisations to solve one of the world`s biggest challenges - decarbonizing buildings and construction, responsible for 40 % of global carbon emissions.

About One Click LCA

One Click LCA is a Helsinki-based tech company decarbonizing construction and manufacturing with world-leading, easy-to-use, and automated life-cycle assessment (LCA) to calculate and reduce the environmental impacts of building, infrastructure, and renovation projects — as well as construction and other manufactured products. It also enables manufacturers to generate and publish third-party verified EPDs and allows assessment of circularity, life-cycle cost, and soon also biodiversity. 

One Click LCA is used in +170 countries. Its decarbonization platform includes a unique global database with +250,000 LCA datasets, and it supports +80 standards and certifications, including LEED, BREEAM, GRESB and other national regulations. 

One Click LCA was founded in Finland in 2001 and has a team of +230 people on all continents. 
Learn more at: www.oneclicklca.com

Founded in 2001
Co-workers +230
Software development · India · Fully Remote

Security Engineer (Offensive Ops & Automation) for a Sustainability SaaS

Loading application form

Already working at One Click LCA?

Let’s recruit together and find your next colleague.

Applicant tracking system by Teamtailor