About Rhodian Group

Rhodian Group helps businesses build and manage their network environments with predictably priced managed IT services so they can focus on their core strengths and growth initiatives. They also help businesses identify and reduce cybersecurity and non-compliance risks. Their combination of IT, cybersecurity, and compliance services helps businesses operate safely, while complying with industry mandates and regulatory requirements.

Role Overview

The Cybersecurity Level 3 Engineer is a senior technical security role responsible for executing and leading penetration testing, vulnerability management, and advanced security assessments across enterprise or client environments. This position requires deep technical expertise, the ability to validate real-world exploitability, and strong collaboration with engineering and leadership teams to reduce organizational risk.

Key Responsibilities

- Perform internal, external, web application, and network penetration tests using industry-standard methodologies
- Validate vulnerability scanner findings through manual testing and exploitation techniques
- Conduct attack simulations and adversary emulation aligned to real-world threat scenarios
- Lead vulnerability management lifecycle activities including prioritization, remediation validation, and risk acceptance
- Identify false positives and confirm true security weaknesses through hands-on analysis
- Develop and maintain penetration testing methodologies, playbooks, and reporting standards
- Produce detailed penetration testing and vulnerability reports with risk ratings and remediation guidance
- Collaborate with SOC, infrastructure, cloud, and application teams to remediate identified risks
- Support red team and purple team exercises and threat modeling activities
- Assist with security architecture reviews and secure design recommendations
- Mentor Level 1 and Level 2 security engineers
- Support compliance-driven testing requirements (SOC 2, ISO 27001, PCI DSS, NIST, CMMC)

Required Qualifications

- 4+ years of experience in cybersecurity with a strong focus on penetration testing and vulnerability management
- Hands-on experience with manual penetration testing techniques
- Strong knowledge of common vulnerabilities (OWASP Top 10, CWE, CVE)
- Experience with vulnerability scanning tools (Nessus, Qualys, Rapid7, OpenVAS)
- Proficiency with penetration testing tools (Burp Suite, Metasploit, Nmap, BloodHound, SQLmap)
- Strong understanding of Windows, Linux, Active Directory, networking, and authentication mechanisms
- Experience validating exploitability and business impact of vulnerabilities
- Familiarity with the MITRE ATT&CK framework
- Strong written communication and reporting skills

Preferred Qualifications

- Experience conducting cloud penetration testing (Azure, AWS, Microsoft 365)
- Experience with identity and privilege escalation attacks (Active Directory, Kerberos, MFA bypass concepts)
- Exposure to red team or purple team operations
- Scripting or automation experience (Python, PowerShell, Bash)
- Experience in an MSP or consulting environment
- Relevant certifications: OSCP, OSCE, GPEN, GWAPT, CEH, CRTO, PNPT

What Success Looks Like

- Vulnerabilities are accurately validated and prioritized based on real risk
- Penetration testing results are actionable, clear, and respected by engineering teams
- False positives are reduced and scanner results are meaningfully improved
- Security posture improves measurably over time
- Junior engineers are coached and elevated technically
- Leadership receives clear, risk-based insights