Senior Cyber Security Analyst

Reports To: SOC Manager

Location: Anywhere in the U.S.

Environment: Remote - must be willing to travel to Chicago quarterly or monthly

Work Schedule:

This position is full-time and remote Monday through Friday from 8:00 AM to 5:00 PM with an hour break, but flexibility is available based on coverage.

Who We Are:

Recognized by Gartner in their Modern 4PL Market Guide, Redwood Logistics is at the forefront of industry innovation. Our cutting-edge supply chain technology pairs with the expertise of our brilliant minds to empower logistics execution across North America and Mexico.

Leveraging a comprehensive range of services, data-centric network solutions, and a seamlessly integrated platform, we have established our prominence as a key player in the mid-market segment within the freight tech industry.

Whether you’re just starting your career or are an established professional looking for your next opportunity, Redwood inspires innovation across teams to provide transformative solutions for our customers.

Purpose of Your Work:

As a Senior Cyber Security Analyst, working within Redwood Logistics (our parent company), you will be responsible for on role with a priority focus on managing all aspects of incident response including preparation, detection, analysis, containment, remediation, and lessons learned.

This role reports to the Manager, SOC, and will collaborate closely with system owners, taking charge of remediation efforts for all security incidents. When not actively responding to Cybersecurity Incidents in the environment, this role will be building security controls, processes, and training staff to improve the Cybersecurity posture of the business.

This highly technical role is crucial in ensuring our systems adhere to top-tier security standards. They must be passionate about translating security insights into actionable solutions and enjoy the challenge of securing digital landscapes.

How You Make a Difference Everyday:

1. Lead incident response efforts to contain and remediate all Cybersecurity Incidents.
2. Responsible for guiding internal and external Cybersecurity Incident Response Team during all Cybersecurity Incidents.
3. Develop and maintain Incident Response plans and procedures.
4. Serve as the foremost technical expert and provide guidance and training to other members of the Cybersecurity team on best practices and procedures.
5. Stay up to date with the latest cybersecurity trends and make recommendations for continuous improvement to the company's security posture.
6. Perform vulnerability and penetration testing to evaluate systems and identify weaknesses and areas for improvement.
7. Develop and implement effective strategies to mitigate potential cyber threats.
8. Collaborate with other teams to implement new or upgraded security measures or controls, and document system or process changes.
9. Provide information to management as required, including producing and delivering various dashboards, metrics, and other reports, as required.
10. Handle daily tasks, ad-hoc assignments, and lead projects as needed or directed by Cybersecurity management.
11. Participate in on-call rotation.

You’ve Got This?

• 5 years of relevant experience in a specific cybersecurity subdomain (Cloud, Applications, Infrastructure, Security Technology, etc.)
• 3-4 years of experience with Security Anomaly Detection and tuning of signatures is required.
• 3-4 years of experience with Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed.
• 3-4 years of experience within a SOC, preferably in an MSSP environment.
• 3-4 years of experience with process creation, improvement, and documentation.
• 3-4 years of experience with SIEM products such as LogRhythm
• 3-4 years of experience with EDR\XDR solutions such as CrowdStrike, CarbonBlack.
• 2 years of experience identifying and responding to advanced threats and threat actor TTPs
• 2 years of experience with Wireshark and other network forensic and packet analysis tools.
• 2 years of experience with cloud native architecture (AWS, Azure, GCP)
• 2 years of experience with Security Risk Management is required.
• Presentation and public speaking abilities
• Project management skills
• Ability to develop an enthusiastic and positive work environment
• Possession or active pursuit of certifications such as: SANS (GCIA/GCIH/GCTI), Certified Ethical Hacker (CEH), and CISSP is highly preferred.
• Working knowledge of Information Security best practices, audit frameworks and possibly privacy laws (e.g., familiarity with ISO 27000 series, SANS, NIST, OWASP Top 10, COBIT, CIS Top 20, CCPA, GDPR).
• Ability to travel as required, potentially on short notice

What We Offer:

• Access to experts and resources for your Learning & Development journey
• Opportunity for internal mobility
• Employee referral bonus program
• Employee Resource Groups (ERGs)
• Annual fundraising and volunteer events to give back to communities
• Paid time off, floating holidays, time off to volunteer and rollover
• Paid parental leave
• Medical, dental, vision and 401k plans (with match)
• Flexible spending account, mass transit and dependent care plans available
• Health savings account, with a annual company contribution for plan participants
• Short-term and long-term disability; life insurance policies subsidized by company
• Additional benefits including pet insurance, accident care, access to legal advice and more

Redwood is an equal opportunity employer. Employment decisions at the Company are based on individual merit, qualifications, abilities, and the Company’s needs and resources. The Company does not discriminate in recruiting, hiring, compensation, promotions, discipline, termination or any other aspect of employment on the basis of an individual’s actual or perceived race, color, creed, religion, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, national origin, ancestry, citizenship status, age, disability, marital status, military service or status, genetic information, arrest and conviction record, credit history, or any other basis protected by applicable law.