[Remote] Senior Manager - SIEM SOAR Engineer
Note: This is a remote job open to candidates in the USA.

Kroll is a global leader in risk and financial advisory solutions, and they are seeking a Senior Manager - SIEM SOAR Engineer to oversee a team in delivering CrowdStrike MDR and Next Gen SIEM implementations. The role involves designing delivery models, ensuring operational excellence, and enhancing client detection maturity through managed services.

Responsibilities
- Lead end-to-end delivery of CrowdStrike MDR and Next Gen SIEM (LogScale) implementations for enterprise and mid-market clients
- Define standard operating procedures, playbooks, and delivery frameworks for repeatable, scalable service delivery
- Manage and mentor detection engineers and consultants delivering client projects across CrowdStrike Falcon modules
- Oversee detection logic development, correlation rules, and SOC process optimization
- Partner with Kroll’s incident response and advisory teams to integrate post-incident detection enhancements into ongoing MDR operations
- Develop and maintain CrowdStrike baseline configurations, deployment templates, and automation accelerators (Terraform, Ansible, PowerShell)
- Interface directly with client executives and technical stakeholders to translate business risk into detection and response strategies
- Collaborate with technology alliances (CrowdStrike, Microsoft, etc.) on co-developed service offerings and go-to-market enablement
- Track delivery metrics, SLAs, and client satisfaction to continuously improve program maturity and profitability

Skills
- 7–10+ years of experience in cybersecurity delivery, operations, or consulting (preferably within MDR, SOC, or detection engineering programs)
- Proven track record leading teams deploying CrowdStrike Falcon and CrowdStrike LogScale technologies
- Strong understanding of SIEM/SOAR operations, detection logic, and threat response workflows
- Experience designing or maturing MDR service models (process, metrics, automation, and reporting)
- Proficiency in Terraform, PowerShell, or Python for automation and configuration management
- Deep familiarity with multi-tenant operations, Flight Control, and Azure Lighthouse environments
- Excellent communication and presentation skills—comfortable interfacing with client CISOs and technical teams alike
- Experience in security consulting or managed services leadership (Big 4, MSSP, or global cyber provider preferred)
- CrowdStrike certifications (CCFA, CCFR, CCSA) or equivalent technical credentials
- Familiarity with Defender Suite integration and hybrid XDR architecture
- Knowledge of ROI modeling, efficiency metrics, and service-based automation frameworks
- Strong business acumen and the ability to link detection and response outcomes to client risk reduction and value realization

Benefits
- Healthcare Coverage: Comprehensive medical, dental, and vision plans.
- Time Off and Leave Policies: Generous paid time off (PTO), paid company holidays, generous parental and family leave.
- Protective Insurances: Life insurance, short- and long-term disability coverage, and accident protection.
- Compensation and Rewards: Competitive salary structures, performance-based incentives, and merit-based compensation reviews.
- Retirement Plans: 401(k) plans with company matching.

Company Overview
Kroll is a provider of risk solutions that helps clients make confident risk management decisions. It is a sub-organization of Vistra Group. It was founded in 1932, and is headquartered in New York, New York, USA, with a workforce of 5001-10000 employees. Its website is http://www.kroll.com/.

Company H1B Sponsorship
Kroll has a track record of offering H1B sponsorships, with 1 in 2026, 21 in 2025, 14 in 2024, 10 in 2023, 15 in 2022, 7 in 2021. Please note that this does not guarantee sponsorship for this specific role.