Cybersecurity Engineer - Level 3

About Rhodian Group

Rhodian Group helps businesses build and manage their network environments with predictably priced managed IT services so they can focus on their core strengths and growth initiatives. They also help businesses identify and reduce cybersecurity and non-compliance risks. Their combination of IT, cybersecurity, and compliance services helps businesses operate safely, while complying with industry mandates and regulatory requirements.

Role Overview

The Cybersecurity Level 3 Engineer is a senior technicalsecurity role responsible for executing and leading penetration testing, vulnerability management, and advanced security assessments across enterprise or client environments. This position requires deep technicalexpertise, the ability tovalidatereal-world exploitability, and strong collaboration with engineering and leadership teams to reduce organizational risk.

Key Responsibilities

• Perform internal, external, web application, and network penetration tests using industry-standard methodologies

• Validate vulnerability scanner findings through manual testing and exploitation techniques

• Conduct attack simulations and adversary emulation aligned to real-world threat scenarios

• Lead vulnerability management lifecycle activities including prioritization, remediation validation, and risk acceptance

• Identifyfalse positives and confirm true security weaknesses through hands-on analysis

• Develop andmaintainpenetration testing methodologies, playbooks, and reporting standards

• Produce detailed penetration testing and vulnerability reports with risk ratings and remediation guidance

• Collaborate with SOC, infrastructure, cloud, and application teams to remediateidentifiedrisks

• Support red team and purple team exercises and threat modeling activities

• Assistwith security architecture reviews and secure design recommendations

• Mentor Level 1 and Level 2 security engineers

• Support compliance-driven testing requirements (SOC 2, ISO 27001, PCI DSS, NIST, CMMC)

Required Qualifications

• 4+ years of experience in cybersecurity with a strong focus on penetration testing and vulnerability management

• Hands-on experience with manual penetration testing techniques

• Strong knowledge of common vulnerabilities (OWASP Top 10, CWE, CVE)

• Experience with vulnerability scanning tools (Nessus, Qualys, Rapid7, OpenVAS)

• Proficiencywith penetration testing tools (Burp Suite, Metasploit, Nmap,BloodHound,SQLmap)

• Strong understanding of Windows, Linux, Active Directory, networking, and authentication mechanisms

• Experiencevalidatingexploitability and business impact of vulnerabilities

• Familiarity with the MITRE ATT&CK framework

• Strong written communication and reporting skills

Preferred Qualifications

• Experience conducting cloud penetration testing (Azure, AWS, Microsoft 365)

• Experience withidentity and privilege escalation attacks (Active Directory, Kerberos, MFA bypass concepts)

• Exposure to red team or purple team operations

• Scripting or automation experience (Python, PowerShell, Bash)

• Experience in an MSP or consulting environment

• Relevant certifications: OSCP, OSCE, GPEN, GWAPT, CEH, CRTO, PNPT

What Success Looks Like

• Vulnerabilities are accuratelyvalidatedand prioritized based on real risk

• Penetration testing results are actionable, clear, and respected by engineering teams

• False positives arereducedand scanner results are meaningfully improved

• Security posture improves measurably over time

• Junior engineers are coached and elevated technically

• Leadership receives clear, risk-based insights