[Remote] Senior Manager - SIEM SOAR Engineer
Note: This is a remote position open to candidates in the USA. Kroll is a global leader in risk and financial advisory solutions and is seeking a Senior Manager - SIEM SOAR Engineer to oversee a team delivering CrowdStrike MDR and Next Gen SIEM implementations. The role involves designing delivery models, ensuring operational excellence, and enhancing client detection maturity through managed services.
Responsibilities
- Lead end-to-end delivery of CrowdStrike MDR and Next Gen SIEM (LogScale) implementations for enterprise and mid-market clients
- Define standard operating procedures, playbooks, and delivery frameworks for repeatable, scalable service delivery
- Manage and mentor detection engineers and consultants delivering client projects across CrowdStrike Falcon modules
- Oversee detection logic development, correlation rules, and SOC process optimization
- Partner with Kroll’s incident response and advisory teams to integrate post-incident detection enhancements into ongoing MDR operations
- Develop and maintain CrowdStrike baseline configurations, deployment templates, and automation accelerators (Terraform, Ansible, PowerShell)
- Interface directly with client executives and technical stakeholders to translate business risk into detection and response strategies
- Collaborate with technology alliances (CrowdStrike, Microsoft, etc.) on co-developed service offerings and go-to-market enablement
- Track delivery metrics, SLAs, and client satisfaction to continuously improve program maturity and profitability
Skills
- 7–10+ years of experience in cybersecurity delivery, operations, or consulting (preferably within MDR, SOC, or detection engineering programs)
- Proven track record leading teams deploying CrowdStrike Falcon and CrowdStrike LogScale technologies
- Strong understanding of SIEM/SOAR operations, detection logic, and threat response workflows
- Experience designing or maturing MDR service models (process, metrics, automation, and reporting)
- Proficiency in Terraform, PowerShell, or Python for automation and configuration management
- Deep familiarity with multi-tenant operations, Flight Control, and Azure Lighthouse environments
- Excellent communication and presentation skills—comfortable interfacing with client CISOs and technical teams alike
- Experience in security consulting or managed services leadership (Big 4, MSSP, or global cyber provider preferred)
- CrowdStrike certifications (CCFA, CCFR, CCSA) or equivalent technical credentials
- Familiarity with Defender Suite integration and hybrid XDR architecture
- Knowledge of ROI modeling, efficiency metrics, and service-based automation frameworks
- Strong business acumen and the ability to link detection and response outcomes to client risk reduction and value realization
Benefits
- Healthcare Coverage: Comprehensive medical, dental, and vision plans.
- Time Off and Leave Policies: Generous paid time off (PTO), paid company holidays, and generous parental and family leave.
- Protective Insurances: Life insurance, short- and long-term disability coverage, and accident protection.
- Compensation and Rewards: Competitive salary structures, performance-based incentives, and merit-based compensation reviews.
- Retirement Plans: 401(k) plans with company matching.