Security IAM Engineer
Role details
Job location
Tech stack
Requirements
Experteer Overview In this hybrid leadership role, you will secure and optimize Freightos' production systems while ensuring reliability and performance at scale. You will lead security architecture, enforce hardening and compliance, and shape secure CI/CD practices across the organization. You'll collaborate with cross-functional teams to balance security with customer-ready velocity. Your work helps ensure a fast, resilient platform for general freight stakeholders, with ongoing exposure to cloud-native security and incident response. This is a high-impact position at a fast-growing, global tech company. Compensaciones / Beneficios Lead security architecture and design reviews to meet security, reliability, and scalability requirements. Develop, implement, and enforce technical security standards, secure baselines, and hardening guidelines. Own the reliability, availability, performance, and security of production systems. Design, implement, and optimize secure and scalable CI/CD pipelines with security integrated in the SDLC. Build and maintain automation tools and processes to improve deployment, stability, and security posture. Enhance security and observability via monitoring, logging, alerting, and SIEM across distributed systems. Lead and participate in incident response, threat monitoring, on-call support, and operational readiness improvements. Conduct security assessments, vulnerability management, and compliance audits to remediate risks. Promote a security-first culture by mentoring teams on secure coding, infrastructure, and deployment practices. Stay current with threats and best practices, integrating improvements into engineering and security processes. Participate in on-call rotation for 24x7 support (up to 72 days/year). Responsabilidades ~5+ years in DevOps and Security Engineering with focus on cloud security, hardening, and application security. ~ Hands-on experience securing AWS and GCP, including IaC with Terraform and Ansible. ~ Experience in AI security best practices. ~ Proven track record managing large-scale, high-availability distributed systems. ~ Experience integrating security controls and automated validation into CI/CD with Jenkins and Bitbucket. ~ Deep knowledge of SAST, DAST, SCA, secret scanning, and vulnerability management. ~ Familiarity with CIS, NIST, ISO 27001, SOC 2. ~ Strong scripting/automation in Python and Bash. ~ Experience with Zero Trust, IAM, and secrets management. ~ Hands-on with AWS/GCP security services (GuardDuty, SCC, Shield, CloudTrail) and SIEM/observability (Elastic Stack). ~ Strong troubleshooting and analytical skills in network security, encryption, authentication, and secure design. Requisitos principales equity incentive grants private health insurance training budget hybrid work arrangement flexible remuneration options team events J-18808-Ljbffr