Senior Manager - SIEM SOAR Engineer

Kroll’s Cyber Data & Resilience practice is building a high-growth CrowdStrike Next Gen SIEM and MDR Enablement practice, and we are seeking a proven technical leader to help shape and scale delivery across detection, automation, and managed response services.

As a Senior Manager / Principal Consultant, you will oversee a team of detection engineers and client delivery professionals deploying and operationalizing CrowdStrike Falcon and LogScale. Your mission: to design repeatable delivery models, ensure operational excellence, and help clients accelerate their detection maturity through Kroll’s modern managed-services framework.

This is a leadership and delivery role—ideal for someone who enjoys bridging technical execution, service development, and client outcomes.

Day-to-Day Responsibilities:

• Lead end-to-end delivery of CrowdStrike MDR and Next Gen SIEM (LogScale) implementations for enterprise and mid-market clients.

• Define standard operating procedures, playbooks, and delivery frameworks for repeatable, scalable service delivery.

• Manage and mentor detection engineers and consultants delivering client projects across CrowdStrike Falcon modules.

• Oversee detection logic development, correlation rules, and SOC process optimization.

• Partner with Kroll’s incident response and advisory teams to integrate post-incident detection enhancements into ongoing MDR operations.

• Develop and maintain CrowdStrike baseline configurations, deployment templates, and automation accelerators (Terraform, Ansible, PowerShell).

• Interface directly with client executives and technical stakeholders to translate business risk into detection and response strategies.

• Collaborate with technology alliances (CrowdStrike, Microsoft, etc.) on co-developed service offerings and go-to-market enablement.

• Track delivery metrics, SLAs, and client satisfaction to continuously improve program maturity and profitability.

Essential Traits:

• 7–10+ years of experience in cybersecurity delivery, operations, or consulting (preferably within MDR, SOC, or detection engineering programs).

• Proven track record leading teams deploying CrowdStrike Falcon and CrowdStrike LogScale technologies.

• Strong understanding of SIEM/SOAR operations, detection logic, and threat response workflows.

• Experience designing or maturing MDR service models (process, metrics, automation, and reporting).

• Proficiency in Terraform, PowerShell, or Python for automation and configuration management.

• Deep familiarity with multi-tenant operations, Flight Control, and Azure Lighthouse environments.

• Excellent communication and presentation skills—comfortable interfacing with client CISOs and technical teams alike.

Preferred Skills

• Experience in security consulting or managed services leadership (Big 4, MSSP, or global cyber provider preferred).

• CrowdStrike certifications (CCFA, CCFR, CCSA) or equivalent technical credentials.

• Familiarity with Defender Suite integration and hybrid XDR architecture.

• Knowledge of ROI modeling, efficiency metrics, and service-based automation frameworks.

• Strong business acumen and the ability to link detection and response outcomes to client risk reduction and value realization.

• Healthcare Coverage: Comprehensive medical, dental, and vision plans.

• Time Off and Leave Policies: Generous paid time off (PTO), paid company holidays, generous parental and family leave.

• Protective Insurances: Life insurance, short- and long-term disability coverage, and accident protection.

• Compensation and Rewards: Competitive salary structures, performance-based incentives, and merit-based compensation reviews.

• Retirement Plans: 401(k) plans with company matching.

Please note that benefits may vary by region, department and role. We encourage you to speak with your recruiter to learn more about the specific benefits available for your position.

About Kroll

Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll.

We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

The current salary range for this position is $150,000 to $200,000

#LI-CN1

#LI-Remote