IT Security Engineer

Environment: Remote (expectation to be onsite quarterly)Recognized by Gartner in their Modern 4PL Market Guide, Redwood Logistics is at the forefront of industry innovation. Our cutting-edge supply chain technology pairs with the expertise of our brilliant minds to empower logistics execution across North America and Mexico.Leveraging a comprehensive range of services, data-centric network solutions, and a seamlessly integrated platform, we have established our prominence as a key player in the mid-market segment within the freight tech industry.Whether you're just starting your career or are an established professional looking for your next opportunity, Redwood inspires innovation across teams to provide transformative solutions for our customers.Purpose of Your WorkAs an IT Security Engineer, you will be responsible for designing, implementing, operating, and continuously improving the technical security controls that protect the organization's digital assets based on identifying and assessing new attack vectors and strategies used in the world. This role is hands-on and operational, focused on securing cloud and on-premises environments, detecting and responding to security threats, and validating the effectiveness of security controls in real-world conditions.The Security Engineer is responsible for deploying and tuning security technologies across endpoint, identity, email, and logging platforms, as well as monitoring security telemetry to identify, investigate, and respond to suspicious or malicious activity. This includes leading and participating in incident response efforts, performing root cause analysis, and driving corrective actions to reduce the likelihood and impact of future incidents. The Security Engineer also partners closely with IT and engineering teams to integrate security tooling, improve visibility, and close gaps in detection and monitoring.How You Make a Difference EverydayDesign, implement, and tune technical security controls across cloud, endpoint, identity, and email environments.Validate the effectiveness of existing security controls.Partner with IT and engineering teams to deploy security tooling, integrate log sources, and improve visibility and telemetry.Own continuous improvement of security controls aligned to industry frameworks.Evaluate new security technologies and configurations.Improve alert quality by reducing false positives through rule tuning and correlation.Assist in building and maintaining dashboards and metrics that measure control effectiveness, detection coverage, and response performance.Identify gaps in monitoring or logging and remediate them.Monitor, triage, and investigate alerts across security tooling including SIEM, EDR, and email security platforms.Lead and participate in security incident response activities, including containment, eradication, recovery, and post-incident analysis.Perform root cause analysis for security incidents findings and drive corrective actions.Develop, refine, and maintain incident response processes to improve response effectiveness.Track and analyze security events and trends to identify gaps in detection, coverage, or response capabilities.Handle daily tasks, ad-hoc assignments, and lead projects as needed or directed by IT Security management.Participate in on-call rotation.You've Got This?Bachelor's degree in Computer Science, Information Security, or related technical field, or equivalent practical experience.4-7 years of hands-on experience in security engineering, security operations, or incident response roles.Demonstrated experience designing, implementing, and operating security controls across endpoint, identity, cloud, and email environments.Strong experience with incident response, including investigation, containment, remediation, and post-incident analysis.Experience with SIEM platforms, including log ingestion, correlation, alert tuning, and investigation workflows.Hands-on experience with EDR/XDR technologies (e.g., CrowdStrike, Carbon Black, Defender for Endpoint, or equivalent).Experience improving detection quality, including reducing false positives and increasing signal fidelity through tuning and correlation.Ability to validate control effectiveness through testing, simulation, and real-world incident analysis.Working knowledge of modern attack techniques, adversary tradecraft, and defensive detection strategies.Experience with cloud-native security architectures in AWS, Azure, and/or GCP environments.Experience integrating security tools with identity providers, SaaS platforms, and cloud logging pipelines.Proficiency in scripting or automation (PowerShell, Python, Bash) to support detection, response, or control validation.Experience building or improving incident response playbooks and operational processes.Exposure to detection engineering frameworks (e.g., MITRE ATT&CK mapping, threat-informed defense).Experience evaluating and onboarding new security technologiesWhat We OfferAccess to experts and resources for your Learning & Development journeyOpportunity for internal mobilityEmployee referral bonus programEmployee Resource Groups (ERGs)Annual fundraising and volunteer events to give back to communitiesPaid time off, floating holidays, time off to volunteer and rolloverPaid parental leaveMedical, dental, vision and 401k plans (with match)Flexible spending account, mass transit and dependent care plans availableHealth savings account, with a annual company contribution for plan participantsShort-term and long-term disability; life insurance policies subsidized by companyAdditional benefits including pet insurance, accident care, access to legal advice and moreWork ScheduleThis position is full-time and remote Monday through Friday from 8:00 AM to 5:00 PM with an hour break, but flexibility is available based on pensation RangeSalary Range:$115,000 - $130,000This position is eligible to earn annual incentives based on individual and company performance.The estimated pay range reflects an anticipated range for this position. The actual base salary offered will depend on a variety of factors, including the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the geographical location in which the applicant lives and/or which they will be performing the job.Connect with our Talent Acquisition team for more information about any questions you have or opportunities you'd like to pursue. #J-18808-Ljbffr

Created: 2026-04-20