Security Operations Engineer

It's fun to work in a company where people truly BELIEVE in what they're doing

We're committed to bringing passion and customer focus to the business.

OUR MISSION

At Redwood, we empower our customers with lights-out automation for their mission-critical business processes.

ABOUT US

Redwood Software is the leader in full stack automation fabric solutions for mission-critical business processes. With the first SaaS-based composable automation platform specifically built for ERP, we believe in the transformative power of automation. Our unparalleled solutions empower you to orchestrate, manage and monitor your workflows across any application, service or server — in the cloud or on premises — with confidence and control.

Redwood's global team of automation experts and customer success engineers provide solutions and world-class support designed to give you the freedom and time to imagine and define your future. Get out of the weeds and see the forest, with Redwood Software.

CORE VALUES

One Team. One Redwood

Make Your Own Weather

Obsess over Customer Success

Work the Problem

Be Curious

Own the Outcome

Respect Each Other

YOUR IMPACT

We are seeking a skilled and detail-oriented Security Operations Engineer (L2) to support and advance our organization's cybersecurity posture. This role sits within the Security Operations Center (SOC) and is responsible for responding to security incidents, analyzing logs and alerts, performing threat hunting, and supporting incident response efforts.

The ideal candidate has prior experience in a SOC or security operations environment, solid understanding of security tools and cloud environments, and the ability to work effectively in a fast-paced, distributed team.

• Monitor and triage security alerts from SIEM, EDR, cloud logs, and other tools.
• Conduct deep-dive investigations into alerts, anomalies, and indicators of compromise (IOCs).
• Perform Level 2 incident response: containment, eradication, recovery, and post-incident analysis.
• Correlate data from multiple sources to identify potential threats and vulnerabilities.
• Conduct threat hunting activities using telemetry (e.g., DNS, network, endpoint, and cloud logs).
• Escalate advanced incidents as needed with proper documentation.
• Participate in regular SOC operations and on-call rotations.
• Assist in fine-tuning security tools, detection rules, and alerts (SIEM, EDR, IDS, WAF, etc.).
• Support security assessments and audits with relevant data and context.

YOUR EXPERIENCE

• 5–7 years of experience in security operations, incident response, or threat analysis.
• Hands-on experience with at least two of the following: SIEM (Rapid 7 IDR, Sentinel, etc.), EDR (CrowdStrike, Microsoft), SOAR platforms, IDS/IPS, or cloud security tools.
• Proficiency in analyzing logs: Windows Event Logs, Linux syslogs, AWS/CloudTrail, firewall logs, etc.
• Working knowledge of threat actors, tactics, techniques, and procedures (TTPs) (MITRE ATT&CK).
• Familiarity with network protocols, malware behavior, phishing indicators, and security frameworks.
• Strong analytical and problem-solving skills.
• Ability to document findings, provide incident timelines, and escalate with clarity.

Preferred Qualifications

• Certifications: Security+, CySA+, GCIA, GCIH, GCFA, CEH, or equivalent.
• Experience in cloud environments (AWS, Azure, GCP), including use of CloudTrail, GuardDuty, or CloudWatch.
• Scripting or automation experience in Python, PowerShell, or Bash.
• Exposure to regulatory requirements (ISO 27001, SOC2, PCI-DSS, etc.).
• Knowledge of Zero Trust architecture and secure access practices.

If you like growth and working with happy, enthusiastic over-achievers, you'll enjoy your career with us

THE LEGAL BIT

Redwood is an equal opportunity employer. Redwood prohibits unlawful discrimination based on race, colour, religion, sex, gender identity, marital or veteran status, age, national origin, ancestry, citizenship, physical or mental disability, medical condition, genetic information or characteristics (or those of a family member), sexual orientation, pregnancy or any other consideration made unlawful by regional or local laws. We also prohibit discrimination based on a perception that anyone has any of those characteristics or is associated with a person who has or is perceived as having any of those characteristics. All such discrimination is unlawful and will have a zero tolerance policy applied to it.

Redwood will comply with all local data protection laws, including GDPR when it comes to the handling and processing of personal data. Should you wish for us to remove your personal data from our recruitment database, please email us directly