Manager, SOC

Reports To: CISO

Location: Chicago, IL / Remote

Status: SALARIED

Redwood Logistics is your strategically integrated logistics provider that understands our customers’ unique needs. Throughout our 20-year history, we’ve grown and evolved our range of offerings to create a family of companies that can solve logistics and transportation challenges.

From our diversity of services, data-driven network solutions, and strategically integrated model, we have positioned ourselves as the dominant player in the mid-market space. We are a privately held company, managing significant transportation spend – we are big, but flexible with an entrepreneurial spirit.

For more than 20 years, Redwood Logistics has been helping move businesses forward by connecting our clients to winning strategies. As a next-generation leader in third-party logistics, we live at the intersection of logistics and technology. We focus brilliant minds, technology services, and performance excellence to modernize supply chains.

See for yourself why The Chicago Tribune has named Redwood Logistics a Top Workplace for several years running!

Position Description:

As the Manager, Cybersecurity team, this role will be responsible for all aspects of the Security Operations Center (SOC). This is a technical, hands-on role that ensures the SOC has the required visibility into the organizational network and provides an escalation point for anomalous activities, alerts, vulnerabilities and other security objectives. This role own the strategic vision for the SOC and will manage all day to day activity including staff training, personnel oversight, department staffing, department annual budget administration and forecasting. They will be the Point Of Contact (POC) for all security incidents and will be expected to run the command center in the case of a breach. The role does include a 24x7 on call component due to the POC function as they are the escalation point.

Responsibilities:

• Create a strategic vision and align budget and resource plans over a 3 year horizon
• Define roles and responsibilities for the SOC and ensure the daily operations achieve the goals.
• Oversees the response, investigation, and resolution of security incidents.
• Develop and improve processes for incident detection, triage, and the execution of countermeasures.
• Maintains metrics & measures to adequately monitor SOC performance.
• Create visibility into the Cost\Value of the SOC.
• Partner with other technology leaders to identify points of leverage, integration, detection and containment.
• Manages all incident response and is the escalation point for detected anomalous activities, vulnerabilities and threats
• Responsible for corporate wide security training
• Responsible for security testing (red team\blue team\BEC, etc)
• Responsible for oversight of the SOC 2 Type 2 audit
• Mentor and coach direct reports to identify needed skill sets and growth opportunities to align career aspirations with the growing needs of the SOC
• Position may require evening, weekend, or on-call schedules, depending on project requirements and/or system status.

Qualifications:

• 3-4 years of experience within a SOC, preferably in an MSSP environment.
• 3-4 years of experience with process creation, improvement, and documentation.
• 3-4 years of experience with SIEM products such as LogRhythm
• 3-4 years of experience vendor management (specifically MSSP)
• 3-4 years of experience with analytical skills including SLA reporting and SLA metrics.
• 3-4 years of experience with Email management solutions (BEC) such as Avanan, Mimecast.
• 3-4 years of experience with EDR\XDR solutions such as CrowdStrike, CarbonBlack.
• 2+ years of experience with Firewalls, and Intrusion Detection Systems required.
• 2+ years of experience with cloud (IaaS, Paas, SaaS) services required.
• 2+ years of experience developing and tracking service level agreements.
• 2+ years of experience with Security Incident Response is required.
• 2+ years of experience with Security Risk Management is required.
• 2+ years of experience with Security Anomaly Detection and tuning of signatures is required.
• Presentation and public speaking abilities
• Project management skills
• Ability to develop an enthusiastic and positive work environment
• Possession or active pursuit of certifications such as: SANS (GCIA/GCIH/GCTI), Certified Ethical Hacker (CEH), and CISSP is highly preferred.
• Working knowledge of Information Security best practices, audit frameworks and possibly privacy laws (e.g., familiarity with ISO 27000 series, SANS, NIST, OWASP Top 10, COBIT, CIS Top 20, CCPA, GDPR).

Rewards:

• Culture of unlimited growth with new positions and departments created regularly to support our growing customer base
• Paid maternity and paternity leave policies
• Medical, dental, vision and 401k plans (with match)
• Flexible-spending, mass transit and dependent care plans
• Health savings account, with company contribution
• Short-term, long-term and life insurance policies subsidized by company
• Cell phone discounts; reduced fees for health and fitness clubs
• Additional benefits including pet insurance, accident care and more
• Competitive referral bonus program
• Competitive PTO plans, with extra floating holiday and time off to volunteer
• Fundraising and volunteer opportunities to give back to our local and national communities

Redwood is an equal opportunity employer. Employment decisions at the Company are based on individual merit, qualifications, abilities, and the Company’s needs and resources. The Company does not discriminate in recruiting, hiring, compensation, promotions, discipline, termination or any other aspect of employment on the basis of an individual’s actual or perceived race, color, creed, religion, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, national origin, ancestry, citizenship status, age, disability, marital status, military service or status, genetic information, arrest and conviction record, credit history, or any other basis protected by applicable law.