Monitor, triage, and investigate security alerts from SIEM/EDR; perform incident response, root-cause analysis, threat hunting, SIEM tuning, documentation, and escalate complex incidents to senior teams.
About Rhodian Group
Rhodian Group helps businesses build and manage their network environments with predictably priced managed IT services so they can focus on their core strengths and growth initiatives. They also help businesses identify and reduce cybersecurity and non-compliance risks. Their combination of IT, cybersecurity, and compliance services helps businesses operate safely, while complying with industry mandates and regulatory requirements.
Role Overview
The Cybersecurity Level 2 Engineer plays a critical role in the Security Operations Center (SOC), responsible for monitoring, investigating, and responding to security alerts and incidents across client or enterprise environments. This role requires hands-on experience with SIEM platforms, endpoint security tools, and incident response processes, with the ability to escalate and remediate threats effectively.
Key Responsibilities
- Monitor and triage security alerts generated by SIEM, EDR, and security monitoring tools
- Investigate security incidents including phishing, malware, endpoint compromise, and unauthorized access
- Perform root-cause analysis and document incident findings and remediation actions
- Tune SIEM detection rules, alerts, and dashboards to reduce false positives and improve fidelity
- Conduct threat hunting activities using logs from endpoints, networks, cloud platforms, and identity providers
- Respond to security incidents in accordance with established incident response playbooks and SLAs
- Escalate complex or high-risk incidents to Level 3 or Incident Response teams with detailed context and evidence
- Assist with vulnerability management findings and validation of remediation
- Support log ingestion, parsing, normalization, and retention requirements for SIEM platforms
- Maintain accurate case notes, incident reports, and security documentation
- Collaborate with IT, engineering, and security teams to improve overall security posture
Required Qualifications
- 2+ years of hands-on experience in a SOC, cybersecurity, or security operations role
- Practical experience working with SIEM platforms (Splunk, Microsoft Sentinel, LogRhythm, QRadar, Elastic)
- Experience analyzing logs from endpoints, firewalls, IDS/IPS, cloud, and identity systems
- Familiarity with EDR tools (CrowdStrike, SentinelOne, Microsoft Defender, Datto EDR)
- Understanding of the incident response lifecycle and security alert triage
- Working knowledge of common attack techniques and indicators of compromise (IOCs)
- Experience with the MITRE ATT&CK framework
- Strong documentation and communication skills
Preferred Qualifications
- Experience in an MSP or multi-tenant SOC environment
- Familiarity with SOAR tools and automation workflows
- Exposure to cloud security logging (Azure, AWS, Microsoft 365)
- Experience with vulnerability scanning tools (Qualys, Nessus, Rapid7)
- Basic scripting or query experience (KQL, SPL, SQL, PowerShell, Python)
- Relevant certifications: Security+, CySA+, SC-200, Splunk Core Certified User
What Success Looks Like
- Security alerts are investigated accurately and efficiently
- Incidents are escalated with high-quality analysis and evidence
- SIEM detections improve over time through tuning and feedback
- Threats are identified early, contained effectively, and documented clearly
- Strong collaboration with SOC peers and senior security engineers
Similar Jobs
Insurance • Software
The Senior Cybersecurity Engineer will enhance security across cloud infrastructure, manage security tooling, and support compliance efforts while collaborating with various teams to protect sensitive financial data.
Top Skills:
AWSAzureCentralized LoggingCspmEdrGCPIamSIEMXdr
Artificial Intelligence • Information Technology • Machine Learning • Marketing Tech • Software • Biotech • Design
The Senior Cybersecurity Engineer will enhance security engineering by conducting assessments, designing proactive solutions, and automating tasks, while collaborating with teams to protect data and systems.
Top Skills:
Ai AgentsAWSAzureGCPLlm-Based SolutionsPythonTypescript
Information Technology • Consulting
Lead Cybersecurity Engineer responsible for developing threat detection capabilities, automating incident responses, and collaborating with clients to strengthen cybersecurity posture using advanced technologies.
Top Skills:
SparkEdrNdrPythonSIEMSoarSQL
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
