DevSecOps

About us

Think about literally anything in your house. Your shirt. Your phone. That random IKEA wrench thingamabob you still haven’t thrown away. Odds are, it all came from somewhere else. Freight is the invisible magic trick that makes the global economy work. And we’re the ones helping it work a little bit faster, smarter, and cheaper.

Freightos (Nasdaq: CRGO) is the global booking and payment platform for the trillion-dollar freight industry. Hundreds of airlines and ocean liners, thousands of freight companies, and over ten thousand importers and exporters use our platform to move goods around the world faster and more efficiently. This matters. Efficient freight ultimately makes things cost a little bit less when you buy them in the store.

We’ve been on a rocketship (freight ship?) of double-digit growth for years, and we’re nowhere near done.

About the Role

We are looking for a hybrid powerhouse - a DevSecOps. In this role, you will be the "Ghostbuster" of our systems, an elite specialist who ensures our platform is not only lightning-fast and reliable, but also hardened against any digital threat. You are the kind of person who locks every back door behind you while keeping the gate always open for customers worldwide. 

Responsibilities:

• Lead security architecture and design reviews to ensure new systems and platforms meet security, reliability, and scalability requirements.
• Develop, implement, and enforce technical security standards, secure baseline configurations, and infrastructure hardening guidelines.
• Own the reliability, availability, performance, and security of production systems across the organization. 
• Design, implement, and optimize secure and scalable CI/CD pipelines, integrating security practices throughout the SDLC.
• Build and maintain automation tools and operational processes to improve deployment efficiency, system stability, and security posture.
• Enhance security and observability by implementing and managing monitoring, logging, alerting, and SIEM solutions across distributed systems.
• Lead and participate in incident response activities, including threat monitoring, on-call support, and continuous improvement of operational readiness processes.
• Conduct security assessments, vulnerability management, and compliance audits to identify and remediate risks.
• Promote a security-first engineering culture by mentoring teams on secure coding, infrastructure, and deployment best practices.
• Stay current with emerging threats, vulnerabilities, attack vectors, and industry best practices, and proactively integrate improvements into engineering and security processes.
• Participate in the on-call rotation, with availability to support a global environment.

Qualifications

• 4+ years of experience in DevOps and Security Engineering, with a strong focus on cloud security, infrastructure hardening, and application security.
• Hands-on experience securing cloud environments in AWS and GCP, including Infrastructure as Code (IaC) using tools such as Terraform and Ansible.
• Experienced in AI security best practice.
• Proven experience managing and supporting large-scale, high-availability, and distributed production systems.
• Strong experience integrating security controls and automated validation into CI/CD pipelines using platforms such as Jenkins and Bitbucket.
• Deep understanding of application and infrastructure security practices, including SAST, DAST, SCA, secret scanning, and vulnerability management.
• Familiarity with industry security and compliance frameworks such as CIS, NIST, ISO 27001, and SOC 2.
• Strong scripting and automation skills using Python and Bash to streamline operational and security processes.
• Experience implementing Zero Trust security principles, identity and access management (IAM), and secrets management solutions.
• Hands-on experience with AWS and GCP security services such as GuardDuty, Security Command Center (SCC), Shield, and CloudTrail, as well as SIEM and observability platforms like Elastic Stack.
• Strong troubleshooting and analytical skills in network security, encryption, authentication mechanisms, and secure system design.

Preferred Qualifications:

• Certified AWS and GCP Architects.

General:

• Full-time position
• Location: Modiin, hybrid (twice a week at the office)
• Reports to: Director of IT, Security, SRE & Site

Why Freightos is the Perfect Port for Your Career!

• We genuinely value work-life balance! We work hybrid, allowing you to enjoy quiet days at home, free from traffic, with in-office days, to meet your fabulous team face-to-face twice a week. 
• We believe that employees who get better make us all better. We strive for professional development and continuous learning. Alongside career support and guidance, you’ll receive an annual training budget for personal and professional development.
• We don’t just offer jobs—we offer a stake in something bigger. As part of Freightos, you’ll be eligible to receive equity incentive grants that vest over time, aligning your success with the company’s long-term growth. The more we build together, the more you benefit.
• A multicultural global team makes global freight easier. You’ll work with people from around the world, gain new perspectives, and experience diverse ways of thinking—fun and eye-opening!
• Our office is based in Modiin, right across the train station. With great transport links, a beautiful view and a dynamic work environment, it’s the perfect place to collaborate and grow.

Freightos is an equal opportunity employer, committed to treating all potential employees fairly and ensuring equal opportunities for everyone.