IT Security Engineer

Environment Location: Chicago, IL. Remote (expectation to be onsite quarterly). Status Exempt. Who We Are Recognized by Gartner in their Modern 4PL Market Guide, Redwood Logistics is at the forefront of industry innovation. Our cutting-edge supply chain technology pairs with the expertise of our brilliant minds to empower logistics execution across North America and Mexico. Leveraging a comprehensive range of services, data-centric network solutions, and a seamlessly integrated platform, we have established our prominence as a key player in the mid-market segment within the freight tech industry. Whether you’re just starting your career or are an established professional looking for your next opportunity, Redwood inspires innovation across teams to provide transformative solutions for our customers. Purpose Of Your Work As an IT Security Engineer, you will be responsible for designing, implementing, operating, and continuously improving the technical security controls that protect the organization’s digital assets based on identifying and assessing new attack vectors and strategies used in the world. This role is hands-on and operational, focused on securing cloud and on-premises environments, detecting and responding to security threats, and validating the effectiveness of security controls in real-world conditions. The Security Engineer is responsible for deploying and tuning security technologies across endpoint, identity, email, and logging platforms, as well as monitoring security telemetry to identify, investigate, and respond to suspicious or malicious activity. This includes leading and participating in incident response efforts, performing root cause analysis, and driving corrective actions to reduce the likelihood and impact of future incidents. The Security Engineer also partners closely with IT and engineering teams to integrate security tooling, improve visibility, and close gaps in detection and monitoring. How You Make a Difference Everyday Design, implement, and tune technical security controls across cloud, endpoint, identity, and email environments. Validate the effectiveness of existing security controls. Partner with IT and engineering teams to deploy security tooling, integrate log sources, and improve visibility and telemetry. Own continuous improvement of security controls aligned to industry frameworks. Evaluate new security technologies and configurations. Improve alert quality by reducing false positives through rule tuning and correlation. Assist in building and maintaining dashboards and metrics that measure control effectiveness, detection coverage, and response performance. Identify gaps in monitoring or logging and remediate them. Monitor, triage, and investigate alerts across security tooling including SIEM, EDR, and email security platforms. Lead and participate in security incident response activities, including containment, eradication, recovery, and post-incident analysis. Perform root cause analysis for security incidents findings and drive corrective actions. Develop, refine, and maintain incident response processes to improve response effectiveness. Track and analyze security events and trends to identify gaps in detection, coverage, or response capabilities. Handle daily tasks, ad-hoc assignments, and lead projects as needed or directed by IT Security management. Participate in on-call rotation. You’ve Got This? Bachelor’s degree in Computer Science, Information Security, or related technical field, or equivalent practical experience. 4–7 years of hands-on experience in security engineering, security operations, or incident response roles. Demonstrated experience designing, implementing, and operating security controls across endpoint, identity, cloud, and email environments. Strong experience with incident response, including investigation, containment, remediation, and post-incident analysis. Experience with SIEM platforms, including log ingestion, correlation, alert tuning, and investigation workflows. Hands-on experience with EDR/XDR technologies (e.g., CrowdStrike, Carbon Black, Defender for Endpoint, or equivalent). Experience improving detection quality, including reducing false positives and increasing signal fidelity through tuning and correlation. Ability to validate control effectiveness through testing, simulation, and real-world incident analysis. Working knowledge of modern attack techniques, adversary tradecraft, and defensive detection strategies. Experience with cloud-native security architectures in AWS, Azure, and/or GCP environments. Experience integrating security tools with identity providers, SaaS platforms, and cloud logging pipelines. Proficiency in scripting or automation (PowerShell, Python, Bash) to support detection, response, or control validation. Experience building or improving incident response playbooks and operational processes. Exposure to detection engineering frameworks (e.g., MITRE ATT&CK mapping, threat-informed defense). Experience evaluating and onboarding new security technologies. What We Offer Access to experts and resources for your Learning & Development journey Opportunity for internal mobility Employee referral bonus program Employee Resource Groups (ERGs) Annual fundraising and volunteer events to give back to communities Paid time off, floating holidays, time off to volunteer and rollover Paid parental leave Medical, dental, vision and 401k plans (with match) Flexible spending account, mass transit and dependent care plans available Health savings account, with a annual company contribution for plan participants Short-term and long-term disability; life insurance policies subsidized by company Additional benefits including pet insurance, accident care, access to legal advice and more Work Schedule This position is full-time and remote Monday through Friday from 8:00 AM to 5:00 PM with an hour break, but flexibility is available based on coverage. Compensation Range Salary Range: $115,000 - $130,000. This position is eligible to earn annual incentives based on individual and company performance. The estimated pay range reflects an anticipated range for this position. The actual base salary offered will depend on a variety of factors, including the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the geographical location in which the applicant lives and/or which they will be performing the job. Redwood is an equal opportunity employer. Employment decisions at the Company are based on individual merit, qualifications, abilities, and the Company’s needs and resources. The Company does not discriminate in recruiting, hiring, compensation, promotions, discipline, termination or any other aspect of employment on the basis of an individual’s actual or perceived race, color, creed, religion, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, national origin, ancestry, citizenship status, age, disability, marital status, military service or status, genetic information, arrest and conviction record, credit history, or any other basis protected by applicable law. #J-18808-Ljbffr