Cybersecurity Engineer – Level 2

Job not on LinkedIn

🕒 March 20

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Rhodian Group

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2005

🔒 Cybersecurity

📋 Compliance

🤝 B2B

Cybersecurity • Compliance • B2B

Rhodian Group is a managed IT and cybersecurity services provider that delivers outsourced IT, cloud and Azure management, 24x7 US-based support, and security services to businesses. The company combines managed IT (endpoint, network, server, virtual desktop) with cybersecurity offerings — including incident response, managed EDR and SOC, penetration testing, vulnerability scanning, and security awareness training — and compliance services such as HIPAA compliance, risk assessments, and policy development. Rhodian focuses on helping organizations reduce IT costs, improve operations, and maintain regulatory compliance through fixed-cost and fully-managed solutions for other businesses.

📋 Description

• Monitor and triage security alerts generated by SIEM, EDR, and security monitoring tools • Investigate security incidents including phishing, malware, endpoint compromise, and unauthorized access • Perform root-cause analysis and document incident findings and remediation actions • Tune SIEM detection rules, alerts, and dashboards to reduce false positives and improve fidelity • Conduct threat hunting activities using logs from endpoints, networks, cloud platforms, and identity providers • Respond to security incidents in accordance with established incident response playbooks and SLAs • Escalate complex or high-risk incidents to Level 3 or Incident Response teams with detailed context and evidence • Assist with vulnerability management findings and validation of remediation • Support log ingestion, parsing, normalization, and retention requirements for SIEM platforms • Maintain accurate case notes, incident reports, and security documentation • Collaborate with IT, engineering, and security teams to improve overall security posture

🎯 Requirements

• 2+ years of hands-on experience in a SOC, cybersecurity, or security operations role • Practical experience working with SIEM platforms (Splunk, Microsoft Sentinel, LogRhythm, QRadar, Elastic) • Experience analyzing logs from endpoints, firewalls, IDS/IPS, cloud, and identity systems • Familiarity with EDR tools (CrowdStrike, SentinelOne, Microsoft Defender, Datto EDR) • Understanding of the incident response lifecycle and security alert triage • Working knowledge of common attack techniques and indicators of compromise (IOCs) • Experience with the MITRE ATT&CK framework • Strong documentation and communication skills • Relevant certifications: Security+, CySA+, SC-200, Splunk Core Certified User