Cybersecurity Engineer - Level 2 at Rhodian Group | Torre

Cybersecurity Engineer - Level 2

You'll secure diverse client environments, investigating and remediating threats to ensure operational safety.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
Remote (for United States residents)
Posted 5 months ago

Requirements and responsibilities


About Rhodian Group

Rhodian Group helps businesses build and manage their network environments with predictably priced managed IT services so they can focus on their core strengths and growth initiatives. They also help businesses identify and reduce cybersecurity and non-compliance risks. Their combination of IT, cybersecurity, and compliance services helps businesses operate safely, while complying with industry mandates and regulatory requirements.

Role Overview

The Cybersecurity Level 2 Engineer plays a critical role in the Security Operations Center (SOC), responsible for monitoring, investigating, and responding to security alerts and incidents across client or enterprise environments. This role requires hands-on experience with SIEM platforms, endpoint security tools, and incident response processes, with the ability to escalate and remediate threats effectively.

Key Responsibilities

- Monitor and triage security alerts generated by SIEM, EDR, and security monitoring tools
- Investigate security incidents including phishing, malware, endpoint compromise, and unauthorized access
- Perform root-cause analysis and document incident findings and remediation actions
- Tune SIEM detection rules, alerts, and dashboards to reduce false positives and improve fidelity
- Conduct threat hunting activities using logs from endpoints, networks, cloud platforms, and identity providers
- Respond to security incidents in accordance with established incident response playbooks and SLAs
- Escalate complex or high-risk incidents to Level 3 or Incident Response teams with detailed context and evidence
- Assist with vulnerability management findings and validation of remediation
- Support log ingestion, parsing, normalization, and retention requirements for SIEM platforms
- Maintain accurate case notes, incident reports, and security documentation
- Collaborate with IT, engineering, and security teams to improve overall security posture

Required Qualifications

- 2+ years of hands-on experience in a SOC, cybersecurity, or security operations role
- Practical experience working with SIEM platforms (Splunk, Microsoft Sentinel, LogRhythm, QRadar, Elastic)
- Experience analyzing logs from endpoints, firewalls, IDS/IPS, cloud, and identity systems
- Familiarity with EDR tools (CrowdStrike, SentinelOne, Microsoft Defender, Datto EDR)
- Understanding of the incident response lifecycle and security alert triage
- Working knowledge of common attack techniques and indicators of compromise (IOCs)
- Experience with the MITRE ATT&CK framework
- Strong documentation and communication skills

Preferred Qualifications

- Experience in an MSP or multi-tenant SOC environment
- Familiarity with SOAR tools and automation workflows
- Exposure to cloud security logging (Azure, AWS, Microsoft 365)
- Experience with vulnerability scanning tools (Qualys, Nessus, Rapid7)
- Basic scripting or query experience (KQL, SPL, SQL, PowerShell, Python)
- Relevant certifications: Security+, CySA+, SC-200, Splunk Core Certified User

What Success Looks Like

- Security alerts are investigated accurately and efficiently
- Incidents are escalated with high-quality analysis and evidence
- SIEM detections improve over time through tuning and feedback
- Threats are identified early, contained effectively, and documented clearly
- Strong collaboration with SOC peers and senior security engineers