Senior Manager - SIEM SOAR Engineer

Kroll, United States
$150,000 - $200,000, Remote

About The Position

Kroll’s Cyber Data & Resilience practice is building a high-growth CrowdStrike Next Gen SIEM and MDR Enablement practice, and we are seeking a proven technical leader to help shape and scale delivery across detection, automation, and managed response services. As a Senior Manager / Principal Consultant, you will oversee a team of detection engineers and client delivery professionals deploying and operationalizing CrowdStrike Falcon and LogScale. Your mission: to design repeatable delivery models, ensure operational excellence, and help clients accelerate their detection maturity through Kroll’s modern managed-services framework. This is a leadership and delivery role—ideal for someone who enjoys bridging technical execution, service development, and client outcomes.

Requirements

  • 7–10+ years of experience in cybersecurity delivery, operations, or consulting (preferably within MDR, SOC, or detection engineering programs).
  • Proven track record leading teams deploying CrowdStrike Falcon and CrowdStrike LogScale technologies.
  • Strong understanding of SIEM/SOAR operations, detection logic, and threat response workflows.
  • Experience designing or maturing MDR service models (process, metrics, automation, and reporting).
  • Proficiency in Terraform, PowerShell, or Python for automation and configuration management.
  • Deep familiarity with multi-tenant operations, Flight Control, and Azure Lighthouse environments.
  • Excellent communication and presentation skills—comfortable interfacing with client CISOs and technical teams alike.

Nice To Haves

  • Experience in security consulting or managed services leadership (Big 4, MSSP, or global cyber provider preferred).
  • CrowdStrike certifications (CCFA, CCFR, CCSA) or equivalent technical credentials.
  • Familiarity with Defender Suite integration and hybrid XDR architecture.
  • Knowledge of ROI modeling, efficiency metrics, and service-based automation frameworks.
  • Strong business acumen and the ability to link detection and response outcomes to client risk reduction and value realization.

Responsibilities

  • Lead end-to-end delivery of CrowdStrike MDR and Next Gen SIEM (LogScale) implementations for enterprise and mid-market clients.
  • Define standard operating procedures, playbooks, and delivery frameworks for repeatable, scalable service delivery.
  • Manage and mentor detection engineers and consultants delivering client projects across CrowdStrike Falcon modules.
  • Oversee detection logic development, correlation rules, and SOC process optimization.
  • Partner with Kroll’s incident response and advisory teams to integrate post-incident detection enhancements into ongoing MDR operations.
  • Develop and maintain CrowdStrike baseline configurations, deployment templates, and automation accelerators (Terraform, Ansible, PowerShell).
  • Interface directly with client executives and technical stakeholders to translate business risk into detection and response strategies.
  • Collaborate with technology alliances (CrowdStrike, Microsoft, etc.) on co-developed service offerings and go-to-market enablement.
  • Track delivery metrics, SLAs, and client satisfaction to continuously improve program maturity and profitability.

Benefits

  • Comprehensive medical, dental, and vision plans.
  • Generous paid time off (PTO), paid company holidays, generous parental and family leave.
  • Life insurance, short- and long-term disability coverage, and accident protection.
  • Competitive salary structures, performance-based incentives, and merit-based compensation reviews.
  • 401(k) plans with company matching.