About us

Think about literally anything in your house. Your shirt. Your phone. That random IKEA wrench thingamabob you still haven’t thrown away. Odds are, it all came from somewhere else. Freight is the invisible magic trick that makes the global economy work. And we’re the ones helping it work a little bit faster, smarter, and cheaper.

Freightos (Nasdaq: CRGO) is the global booking and payment platform for the trillion-dollar freight industry. Hundreds of airlines and ocean liners, thousands of freight companies, and over ten thousand importers and exporters use our platform to move goods around the world faster and more efficiently. This matters. Efficient freight ultimately makes things cost a little bit less when you buy them in the store. We’ve been on a rocketship (freight ship?) of double-digit growth for years, and we’re nowhere near done.

About the Role

We are looking for a hybrid powerhouse - a DevSecOps. In this role, you will be the "Ghostbuster" of our systems, an elite specialist who ensures our platform is not only lightning-fast and reliable, but also hardened against any digital threat. You are the kind of person who locks every back door behind you while keeping the gate always open for customers worldwide.

Responsibilities:
* Lead security architecture and design reviews to ensure new systems and platforms meet security, reliability, and scalability requirements.
* Develop, implement, and enforce technical security standards, secure baseline configurations, and infrastructure hardening guidelines.
* Own the reliability, availability, performance, and security of production systems across the organization.
* Design, implement, and optimize secure and scalable CI/CD pipelines, integrating security practices throughout the SDLC.
* Build and maintain automation tools and operational processes to improve deployment efficiency, system stability, and security posture.
* Enhance security and observability by implementing and managing monitoring, logging, alerting, and SIEM solutions across distributed systems.
* Lead and participate in incident response activities, including threat monitoring, on-call support, and continuous improvement of operational readiness processes.
* Conduct security assessments, vulnerability management, and compliance audits to identify and remediate risks.
* Promote a security-first engineering culture by mentoring teams on secure coding, infrastructure, and deployment best practices.
* Stay current with emerging threats, vulnerabilities, attack vectors, and industry best practices, and proactively integrate improvements into engineering and security processes.
* Participate in the on-call rotation, with availability to support a global environment.
Hybrid:
Yes
Requirements:
Qualifications:
* 4+ years of experience in DevOps and Security Engineering, with a strong focus on cloud security, infrastructure hardening, and application security.
* Hands-on experience securing cloud environments in AWS and GCP, including Infrastructure as Code (IaC) using tools such as Terraform and Ansible.
* Experience in AI security best practices.
* Proven experience managing and supporting large-scale, high-availability, and distributed production systems.
* Strong experience integrating security controls and automated validation into CI/CD pipelines using platforms such as Jenkins and Bitbucket.
* Deep understanding of application and infrastructure security practices, including SAST, DAST, SCA, secret scanning, and vulnerability management.
* Familiarity with industry security and compliance frameworks such as CIS, NIST, ISO 27001, and SOC 2.
* Strong scripting and automation skills using Python and Bash to streamline operational and security processes.
* Experience implementing Zero Trust security principles, identity and access management (IAM), and secrets management solutions.
* Hands-on experience with AWS and GCP security.
This position is open to all candidates.