Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Manager - Cloud Security Engineer (CrowdStrike)

$150k - $200k

At Kroll, we provide reactive, advisory, transformation, and managed security services to support clients at every stage of their path toward cyber and data resilience maturity. Our experts bring decades of experience in cyber risk consultancy, helping organizations across the world simplify and reduce the complexity of implementing, transforming, and managing their cyber programs. Through our strategic multi-year partnership with CrowdStrike, we combine world-class investigative expertise with an AI-native platform to redefine the future of managed detection and response, delivering faster outcomes, stronger protection, and greater resilience for organizations worldwide.

The Cyber & Data Resilience capability is hiring a Manager or Senior Manager to build and lead Kroll's CrowdStrike Falcon Cloud Security deployment practice . Falcon Cloud Security is the industry's first unified Cloud-Native Application Protection Platform (CNAPP), spanning CSPM, CWP, CIEM, KSPM, ASPM, DSPM, IaC scanning, and container and Kubernetes runtime protection across AWS, Azure, and Google Cloud — delivered through one sensor and one console, with both agent-based and agentless coverage.

Kroll clients need a partner who can deploy, configure, integrate, and tune Falcon Cloud Security end-to-end inside their Falcon tenant — registering cloud accounts at scale across AWS Organizations, Azure tenants, and GCP projects; rolling out runtime protection across VMs, containers, and Kubernetes; wiring cloud log telemetry into Falcon Next-Gen SIEM for detection engineering; building Fusion SOAR playbooks for cloud-native response; and tuning IOM (Indicators of Misconfiguration) and IOA (Indicators of Attack) policies to maximize signal and minimize noise in each client's cloud estate.

This is a player-coach role . The “Manager” or “Senior Manager” title does not mean hands-off oversight. You will personally lead engagement delivery — onboarding cloud accounts, deploying sensors and admission controllers, configuring CNAPP modules, building detection content, and integrating with the broader Falcon stack — while mentoring junior consultants and partnering with CrowdStrike account teams on scoping.

This role reports into the Engineered Defense / Tech Transformation leadership team and partners closely with Kroll’s Identity, Next-Gen SIEM, AIDR, and CrowdStrike Services delivery teams.

Deploy

  • Onboard client AWS, Azure, and GCP environments to Falcon Cloud Security at scale — using AWS CloudFormation StackSets across AWS Organizations, Bicep / Entra ID integrations for Azure tenants and management groups, and service account patterns for GCP projects and folders.

  • Deploy the Falcon sensor across cloud workloads — EC2 / Azure VMs / GCE instances, container hosts, Kubernetes nodes — and stand up agentless snapshot-based scanning to fill coverage gaps.

  • Deploy the Kubernetes Admission Controller to enforce pre-runtime policy on workload admission across EKS, AKS, GKE, and self-managed Kubernetes.

  • Roll out container image registry scanning and IaC scanning (Terraform, CloudFormation, ARM/Bicep, Kubernetes manifests, Helm) into client CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps).

  • Enable serverless protection for AWS Lambda, Azure Functions, and GCP Cloud Functions.

  • Stand up CIEM across cloud identity providers (IAM users, roles, service accounts, managed identities) for least-privilege analysis.

Configure

  • Configure CSPM policies — IOM rules, custom misconfiguration detections, compliance frameworks (CIS Benchmarks, NIST, PCI-DSS, HIPAA, SOC 2), and exception management.

  • Configure CWP runtime policies — IOA detections, prevention policies, container runtime protection, drift detection.

  • Configure KSPM policies — Kubernetes posture, pod security standards, admission control rules, RBAC analysis.

  • Configure ASPM and DSPM policies for application-security posture and data-security posture across cloud data stores.

  • Configure CIEM — effective permission analysis, toxic combinations, privilege right-sizing, service-account hygiene.

  • Configure ExPRT.AI risk prioritization to surface attack paths and toxic combinations across CSPM/CWP/CIEM signals.

  • Build and tune custom detection content (IOAs, IOMs, CQL queries) for cloud-native attack techniques mapped to MITRE ATT&CK Cloud Matrix.

Integrate

  • Ingest cloud log telemetry into Falcon Next-Gen SIEM (LogScale) — AWS CloudTrail, GuardDuty findings, VPC Flow Logs, S3 access logs; Azure Activity Log, Defender for Cloud alerts, NSG Flow Logs, Entra ID sign-in logs; GCP Audit Logs, VPC Flow Logs, Security Command Center findings; EKS / AKS / GKE control plane logs; Kubernetes audit logs.

  • Build detection engineering content in Next-Gen SIEM correlating Falcon Cloud Security findings with cloud provider native logs, endpoint telemetry, and identity events for full attack-path visibility.

  • Build Falcon Fusion SOAR playbooks for cloud-native response actions: quarantine compromised workload, revoke IAM credential, isolate Kubernetes pod, remediate misconfiguration via IaC pull request, trigger MFA via Falcon Identity Protection.

  • Integrate Falcon Cloud Security with Falcon Identity Protection for cross-domain correlation between cloud workload activity and identity risk.

  • Integrate Falcon Cloud Security with Falcon Insight (EDR) for unified endpoint + cloud workload protection.

  • Integrate Falcon Cloud Security with Falcon AIDR for AI workload runtime protection in Kubernetes.

  • Build Charlotte AI prompts and agentic workflows for cloud event triage, misconfiguration remediation guidance, and executive cloud-risk reporting.

Tune and Operate

  • Tune IOM and IOA policies to reduce false positives without sacrificing detection efficacy.

  • Tune ExPRT.AI prioritization and attack path analysis to client risk tolerance and remediation capacity.

  • Optimize sensor performance and agentless scan cadence for cost and coverage balance.

  • Validate detection coverage through controlled adversary emulation against the MITRE ATT&CK Cloud Matrix.

  • Hand off operational runbooks to client cloud security teams and Kroll Managed Services for ongoing operation.

Advise (scoped to the platform)

  • Advise client cloud platform, DevSecOps, and SOC engineering teams on Falcon Cloud Security deployment architecture — agent vs. agentless coverage decisions, account onboarding patterns, Kubernetes admission control posture, IaC scanning policy in CI/CD, and integration with existing Falcon modules.

  • Partner with CrowdStrike account teams on Falcon Cloud Security pre-sales scoping, solution design, proof-of-value engagements, and joint go-to-market motions.

Build the Practice

  • Develop reusable Falcon Cloud Security deployment runbooks, configuration templates (Terraform, Bicep), integration patterns, Fusion SOAR playbook libraries, custom IOM/IOA detection libraries, and Charlotte AI workflow templates.

  • Mentor consultants on Falcon Cloud Security deployment and integration.

Hiring Requirements:

  • 5+ years (Manager) or 7+ years (Senior Manager) of hands-on experience deploying, configuring, and operating cloud security tooling in enterprise environments — with a meaningful concentration in CNAPP, CSPM, CWP, or container/Kubernetes security.

  • Hands-on deployment experience with the CrowdStrike Falcon platform — direct experience with Falcon Cloud Security (CSPM, CWP, CIEM, KSPM, IaC scanning) is required. Equivalent hands-on with a competing CNAPP (Wiz, Prisma Cloud, Lacework, Aqua, Sysdig, Orca) plus willingness to ramp on Falcon Cloud Security is acceptable.

  • Demonstrated experience deploying, configuring, and integrating cloud security platforms across AWS, Azure, and GCP — not just operating them post-deployment. Working depth across at least two of the three hyperscalers is required.

  • Hands-on with Kubernetes security — EKS, AKS, GKE, or self-managed; Pod Security Standards; admission controllers; RBAC; container runtime protection.

  • Hands-on with Infrastructure as Code — Terraform (required), CloudFormation, ARM/Bicep, Helm — and IaC security scanning in CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps).

  • Strong working knowledge of cloud log analysis — AWS CloudTrail, GuardDuty, VPC Flow Logs; Azure Activity Log, Defender for Cloud, Entra ID sign-in logs; GCP Audit Logs, VPC Flow Logs, Security Command Center; Kubernetes audit logs; EKS / AKS / GKE control plane logs.

  • Working knowledge of cloud-native attack tradecraft mapped to MITRE ATT&CK Cloud Matrix — cloud credential theft, IMDS abuse, role chaining, container escape, Kubernetes RBAC abuse, S3 / blob storage exfiltration, supply-chain attacks on container images and IaC.

  • Hands-on scripting and query proficiency: Python, Bash, PowerShell, CQL (CrowdStrike Query Language) ; KQL a plus.

  • Experience building Falcon Fusion SOAR playbooks, Charlotte AI workflows, or equivalent automation content on the Falcon platform.

  • Prior consulting delivery experience — scoping, leading, and personally executing cloud security deployment engagements for external clients.

  • Bachelor’s degree in a relevant field or equivalent professional experience.

A note on experience: The years of experience above are guidelines, not gates. We will strongly consider candidates with fewer years who bring CCCS certification plus demonstrable hands-on Falcon Cloud Security deployment experience across multiple hyperscalers. Skill and certification can offset tenure.

Preferred Qualifications

  • CrowdStrike Certified Cloud Specialist (CCCS) certification — strongly preferred . Candidates without CCCS at hire will be expected to certify within their first 90 days.

  • Additional CrowdStrike credentials: CCFA, CCFR, CCSA, CCSE, CCIS.

  • Cloud-native security certifications (one or more strongly preferred): AWS Certified Security – Specialty , Microsoft Certified: Azure Security Engineer Associate (AZ-500) , Google Cloud Professional Cloud Security Engineer , Certified Kubernetes Security Specialist (CKS) , Certified Kubernetes Administrator (CKA) .

  • Foundational cloud certifications: AWS Solutions Architect (Associate or Professional), Azure Administrator / Solutions Architect Expert, Google Cloud Professional Cloud Architect.

  • Industry security certifications: CCSP (Certified Cloud Security Professional), CISSP, GCSA (GIAC Cloud Security Automation), GCLD (GIAC Cloud Security Essentials).

  • Experience deploying and tuning Falcon Next-Gen SIEM / LogScale content for cloud detection engineering (parsers, correlation rules, dashboards, case management).

  • Experience building production Falcon Fusion SOAR playbooks for cloud response at scale.

  • Experience building Charlotte AI prompts and agentic workflows for cloud security use cases.

  • Experience with competing CNAPPs (Wiz, Prisma Cloud, Lacework, Aqua, Sysdig, Orca) — particularly migration experience from those platforms to Falcon Cloud Security.

  • Hands-on with service mesh (Istio, Linkerd), secrets management (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, GCP Secret Manager), and policy-as-code (OPA / Rego, Kyverno).

  • Prior consulting experience at a tier-1 firm with a CrowdStrike-focused or cloud security delivery practice (Big 4 cloud security teams, CrowdStrike Services, Mandiant, Unit 42, or equivalent).

  • Experience supporting cloud security M&A due diligence, post-acquisition cloud tenant consolidation, or cloud migration security.

  • Healthcare Coverage: Comprehensive medical, dental, and vision plans.

  • Time Off and Leave Policies: Generous paid time off (PTO), paid company holidays, generous parental and family leave.

  • Protective Insurances: Life insurance, short- and long-term disability coverage, and accident protection.

  • Compensation and Rewards: Competitive salary structures, performance-based incentives, and merit-based compensation reviews.

  • Retirement Plans: 401(k) plans with company matching.

Please note that benefits may vary by region, department and role. We encourage you to speak with your recruiter to learn more about the specific benefits available for your position.

About Kroll

Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll.

We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

The current salary range for this position is $150,000 to $200,000

#LI-CN1

#LI-Remote

Vacancy posted a month ago
Similar jobs that could be interesting for youBased on the Senior Manager - Cloud Security Engineer (CrowdStrike) in United States vacancy
  •  ...Job Description Job Description Aquinas Consulting is currently looking to fill a Senior Manager, Cloud Security Architect Job in Bethesda, MD. This CONTRACT hire job is available with one of our key clients in the hospitality industry. In this role, you will be responsible... 
    Senior
    Contract work

    Aquinas Consulting

    Bethesda, MD
    5 days ago
  • $240k - $280k

    Role Description As the Security Engineering Manager, you will lead the team responsible for our flagship product and defend our entire organization and product infrastructure. You will manage our Security Engineering function, spanning Application, Infrastructure, and... 
    Senior
    Full time

    Material Security

    Remote
    21 hours ago
  •  ...role. Defines the architecture and technical direction for cloud security, improving posture and tooling at org scale — designing for...  ...event-driven pipelines, API contracts, data models) that other engineers build on — establishing the foundational approach for how... 
    Senior
    Work experience placement
    Immediate start
    Shift work

    Vanguard

    Malvern, PA
    5 days ago
  •  ...Role: Senior Cloud Security Engineer Location: Warren NJ (Hybrid) About the Role We're hiring a Senior Cloud Security Engineer to...  ...permissions, consent governance, service principals and managed identities, credential and secret hygiene, and least-privilege... 
    Senior

    United IT Solutions

    Warren, NJ
    1 day ago
  •  ...Senior Cloud Security Engineer A hands-on technical leader embedded within the Infrastructure team, responsible for securing enterprise systems...  ...environments across IaaS and PaaS workloads Configure and manage Azure-native security controls, including identity... 
    Senior

    Calibro Corp.

    Raleigh, NC
    3 days ago
  •  ...technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security. Job Title: Senior Manager, Info Security Systems Engineering Job Code: 40062 Job Location: Greenville, TX Job Schedule: 9/80 - Employees work 9 out of... 
    Senior
    Local area
    Remote work

    L3Harris

    Greenville, TX
    1 day ago
  •  ...Senior Cloud Security Engineer This is a senior level security engineer role and they expect to see candidates who have supported application firewalls...  ...tooling and automation frameworks Design, deploy, and manage highly available, secure, and scalable cloud security... 
    Senior
    Remote work

    Talent Software Services

    United States
    2 days ago
  • $216.68k - $269.17k

     ...unique technical challenges at scale, and helping to create safer, more civil shared experiences for everyone. As a Senior Cloud Security Engineer, you will define and implement the security strategy and controls across our hybrid and multi-cloud environment. Embedded... 
    Senior
    Full time
    Work experience placement
    H1b
    Work at office
    Local area
    Visa sponsorship
    Monday to Friday

    Roblox

    San Mateo, CA
    3 days ago
  • $187k - $220k

     ...Senior Cloud Security Engineer Bellevue, WA Join Us In Building The Future Of Finance Our mission is to democratize finance for all. An estimated...  ...contributor to the company's least privilege objective to manage network traffic and reduce the level of access that... 
    Senior
    Work at office
    Flexible hours
    Shift work
    3 days per week

    Robinhood

    Bellevue, WA
    1 day ago
  •  ...Senior Cloud Security Engineer Denver, CO or Long Beach, CA or SF Bay Area, CA True Anomaly delivers decisive capabilities for space superiority...  ...(AWS Private CA, AD CS), certificate lifecycle management, mTLS for service-to-service authentication, and load balancer... 
    Senior

    True Anomaly

    Long Beach, CA
    2 days ago
  • $106.9k - $147k

     ...Senior Cloud Network Security Engineer Join our team as a Senior Cloud Network Security Engineer! We are looking for an experienced professional with expertise in managing GCP Next-Generation Firewalls (NGFW), Azure Network Security Groups (NSGs), and the Prisma Cloud... 
    Senior
    Full time
    Temporary work
    For contractors
    Apprenticeship
    Work at office
    Remote work
    Work from home
    Home office
    Shift work

    Humana, Inc.

    United States
    1 day ago
  • $166k - $220k

     ...Security Engineer Anduril Industries is a defense technology company with a mission to transform...  ...defensive security controls across cloud, network, production, and corporate infrastructure...  ...with log aggregation, secrets management, or endpoint security tools Strong... 
    Senior
    Full time
    Work experience placement
    Immediate start

    Colorwave Inc

    Washington DC
    21 hours ago
  • $150k - $180k

     ...remarkable global performance and enable consumers to enjoy a seamless, effortless lifestyle. Overview: The Senior Cloud Security Engineer strengthens the security of our cloud environments through hands-on engineering: identifying and remediating risk, improving... 
    Senior
    Local area
    Worldwide

    TP-Link Systems Inc.

    Irvine, CA
    1 day ago
  • $178.5k

    Role Description Working on the Security Functional Team, you'll play a pivotal role...  ...SERP security mitigations As a Senior Web Security Engineer, Browser Platform , you'll: ~...  ...pages, DuckAI integrations, password manager, etc.) ~Execute on SERP security mitigations... 
    Senior
    Full time
    Work at office
    Remote work

    DuckDuckGo

    Remote
    7 days ago
  •  ...Implement Privileged Identity Management (PIM) to enforce just-in-time...  ..., Office 365, Identity, and Cloud) to investigate and remediate...  ...components of the Microsoft security and management ecosystem designed...  ...Certified Azure Security Engineer Associate (AZ-500) (Preferred... 
    Senior
    For contractors
    Work at office

    3B Staffing LLC

    Arlington, VA
    1 day ago
  • $190k - $250k

     ...Senior Cloud Security Engineer Kodiak Robotics, Inc. was founded in 2018 and has become a leader in autonomous ground transportation committed...  ...and automated policy enforcement Identity and secrets management Architect systems that protect sensitive assets including... 
    Senior
    Temporary work
    Work at office
    Visa sponsorship
    Flexible hours

    Kodiak

    Mountain View, CA
    4 days ago
  •  ...Dedicated Resource We are seeking an experienced IT Project Manager and Application Support Specialist to lead technology efforts...  ...complex website, application, and database connectivity issues. ~Cloud Modernization & Data Analysis: Conduct assessments of current... 
    Senior
    Full time
    Remote work
    Monday to Friday

    Omm IT Solutions

    Remote
    3 days ago
  • $180k - $230k

     ...seasoned and highly skilled Sr. Product Security Engineer - Customer Platform to join our growing...  ...of our organization's systems, cloud infrastructure, products, and data. This...  ...controls, audit and logging, encryption / key management) ~Build and maintain security... 
    Senior
    Full time
    Fixed term contract
    Flexible hours

    Valon Tech

    Remote
    4 days ago
  • $86.5k - $129.9k

    Role Description We are hiring a senior engineer to maintain and extend a large full-stack Governance...  ...~Audit/reporting workflows ~Local/cloud deployment infrastructure The...  ...workflows ~Database migrations ~Security controls ~AI-assisted analysis ~Scanner... 
    Senior
    Full time
    Temporary work
    Local area
    Flexible hours

    Guidehouse

    Remote
    5 days ago
  • $165k - $267.5k

     ...precision that drives great outcomes. Job Summary CyberArk LP @ Palo Alto Networks is seeking an Engineering Manager to lead a high‑impact team building cloud platform services that secure machine identities at enterprise scale. You will drive the development of distributed... 
    Full time
    Work at office

    Dormont Manufacturing Company

    California, MO
    16 hours ago
  • $115k - $203k

     ...Senior Cloud Platform Security Engineer Job Description Overview CoStar Group is a leading global provider of commercial and residential real...  ..., admission control, network policy, and secrets management. Drive sensor coverage validation, incident response readiness... 
    Senior
    Hourly pay
    Full time
    Work at office
    Work from home
    Monday to Thursday

    CoStar Realty Information, Inc.

    Arlington, VA
    21 hours ago
  • $100k - $110k

     ...Description The Sr. Cloud Security Engineer plays a key role in securing the organization's multi...  ...through Cloud Security Posture Management (CSPM) and workload protection tools....  ...Savings Plan (401k). All Level 38 and more senior roles may also be eligible for non-qualified... 
    Senior
    Full time
    Temporary work
    Local area
    Visa sponsorship
    Work visa
    Flexible hours

    WTW

    Atlanta, GA
    3 hours ago
  •  ...exciting opportunity within the Security Trust and Risk (STAR)...  ..., enterprise risk management, creating metrics and reporting...  ...About the role: The Senior Manager, Security Risk Engineering is a senior information security...  ..., LLM integrations, and cloud data pipelines, embedding... 
    Senior
    Full time

    Klaviyo

    Boston, MA
    3 hours ago
  • $131k - $271.6k

     ...team that wants you to grow and succeed. SAP NS2 Senior Cloud Security Engineer-TS/SCI + poly Onsite - Chantilly, VA Active TS SCI with...  ...sponsorships for this role. All internals must have manager’s approval to transfer. The NS2 Senior Cloud Security... 
    Senior
    Permanent employment
    Full time
    Worldwide
    Flexible hours

    SAP

    Virginia
    1 day ago
  •  ...Title Sr Cloud Security Engineer Location/Work Setting Austin, TX / On-Sight (MANDATORY) Duration...  ...Support incident response, vulnerability remediation, and risk management initiatives. Deliver clear, professional communications... 
    Senior

    3B Staffing LLC

    Austin, TX
    3 days ago
  •  ...DESCRIPTION We are seeking a Head of Cloud Lake, Storage, and Compute Platform...  ...products and solutions. As a Senior Director of Software Engineering at JPMorgan Chase within the Consumer...  ...you lead multiple technical areas, manage the activities of multiple departments... 
    Senior

    J.P. Morgan

    Columbus, OH
    14 days ago
  • $118.45k - $260.59k

     ...at a time. POSITION SUMMARY CVS Health is seeking a Senior Manager, Application Security Engineering to lead enterprise application security, vulnerability...  ...controls that enable secure software delivery across cloud-native, hybrid, and legacy environments. Drive adoption... 
    Senior
    Hourly pay
    Full time
    Temporary work
    Work experience placement
    Local area
    Remote work

    CVS Health

    Connecticut
    4 days ago
  • $100k - $131.5k

     ...Cloud Security Engineer BJ's is seeking a Cloud Security Engineer to help secure and operate our cloud environments across AWS, Azure, and...  ...Support and continuously improve enterprise vulnerability management and patching workflows, including SLAs, exception handling... 
    Senior
    Work at office
    Remote work
    Monday to Friday

    BJ's Wholesale Club

    Marlborough, MA
    2 days ago
  •  ...Sr Cloud Security Engineer -Seeking a Sr Cloud Security Engineer who understand Security. Main focus is AWS and intimate knowledge of AWS...  ...monitored deployed servers to keep security whole. Help set up and manage the Cloud Security Platform Management tool they are in... 
    Senior
    Remote work
    Flexible hours
    Shift work

    inSync Staffing

    United States
    14 hours ago
  •  ...seeking to hire a qualified individual to join our team as a Senior Cloud Cyber Security Engineer - Remote. Cloud Security Architecture and Design: ~...  ...security assessment. Identity and Access Management: ~Develop and implement cloud-specific identity and access... 
    Senior
    Full time
    Temporary work
    Remote work
    Flexible hours

    Sentara Health

    Remote
    6 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Manager - Cloud Security Engineer (CrowdStrike). Be the first to apply!