Cybersecurity Engineer - Level 3

About Rhodian Group Rhodian Group helps businesses build and manage their network environments with predictably priced managed IT services so they can focus on their core strengths and growth initiatives. They also help businesses identify and reduce cybersecurity and non-compliance risks. Their combination of IT, cybersecurity, and compliance services helps businesses operate safely, while complying with industry mandates and regulatory requirements. Role Overview  The Cybersecurity Level 3 Engineer is a senior technical security role responsible for executing and leading penetration testing, vulnerability management, and advanced security assessments across enterprise or client environments. This position requires deep technical expertise, the ability to validate real-world exploitability, and strong collaboration with engineering and leadership teams to reduce organizational risk.  Key Responsibilities  Perform internal, external, web application, and network penetration tests using industry-standard methodologies  Validate vulnerability scanner findings through manual testing and exploitation techniques  Conduct attack simulations and adversary emulation aligned to real-world threat scenarios  Lead vulnerability management lifecycle activities including prioritization, remediation validation, and risk acceptance  Identify false positives and confirm true security weaknesses through hands-on analysis  Develop and maintain penetration testing methodologies, playbooks, and reporting standards  Produce detailed penetration testing and vulnerability reports with risk ratings and remediation guidance  Collaborate with SOC, infrastructure, cloud, and application teams to remediate identified risks  Support red team and purple team exercises and threat modeling activities  Assist with security architecture reviews and secure design recommendations  Mentor Level 1 and Level 2 security engineers  Support compliance-driven testing requirements (SOC 2, ISO 27001, PCI DSS, NIST, CMMC)  Required Qualifications  4+ years of experience in cybersecurity with a strong focus on penetration testing and vulnerability management  Hands-on experience with manual penetration testing techniques  Strong knowledge of common vulnerabilities (OWASP Top 10, CWE, CVE)  Experience with vulnerability scanning tools (Nessus, Qualys, Rapid7, OpenVAS)  Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap, BloodHound, SQLmap)  Strong understanding of Windows, Linux, Active Directory, networking, and authentication mechanisms  Experience validating exploitability and business impact of vulnerabilities  Familiarity with the MITRE ATT&CK framework  Strong written communication and reporting skills  Preferred Qualifications  Experience conducting cloud penetration testing (Azure, AWS, Microsoft 365)  Experience with identity and privilege escalation attacks (Active Directory, Kerberos, MFA bypass concepts)  Exposure to red team or purple team operations  Scripting or automation experience (Python, PowerShell, Bash)  Experience in an MSP or consulting environment  Relevant certifications: OSCP, OSCE, GPEN, GWAPT, CEH, CRTO, PNPT  What Success Looks Like  Vulnerabilities are accurately validated and prioritized based on real risk  Penetration testing results are actionable, clear, and respected by engineering teams  False positives are reduced and scanner results are meaningfully improved  Security posture improves measurably over time  Junior engineers are coached and elevated technically  Leadership receives clear, risk-based insights Locations: Remote (United States)