At Kroll, we provide reactive, advisory, transformation, and managed security services to support clients at every stage of their path toward cyber and data resilience maturity. Our experts bring decades of experience in cyber risk consultancy, helping organizations across the world simplify and reduce the complexity of implementing, transforming, and managing their cyber programs. Through our strategic multi-year partnership with CrowdStrike, we combine world-class investigative expertise with an AI-native platform to redefine the future of managed detection and response, delivering faster outcomes, stronger protection, and greater resilience for organizations worldwide.

Role Summary

The Engineered Defense capability is seeking a specialist Director to drive our CrowdStrike consulting services. You will act as a trusted advisor to CISOs and executive stakeholders across financial services, consumer goods, and critical infrastructure sectors. This role focuses heavily on the architecture and deployment of CrowdStrike technologies (including Falcon Complete and LogScale Next-Gen SIEM), conducting advanced compromise and hygiene assessments, threat hunting, and modernizing Security Operations Centers (SOC).

Key Responsibilities:

• Lead complex, large-scale CrowdStrike deployments and architecture designs, including highly complex or OT-heavy enterprise environments spanning hundreds of thousands of endpoints.

• Direct and execute Compromise and Hygiene Assessments leveraging CrowdStrike Falcon to establish visibility, identify active threats, and deliver actionable intelligence to executive leadership.

• Modernize client detection infrastructures by engineering pipelines to collect, standardize, and forward events into Next-Gen SIEMs, specifically CrowdStrike LogScale.

• Provide premier SOC consulting services, including the design, launch, and operationalization of 24/7 global Security Operations Centers, complete with automated quality assurance frameworks.

• Lead advanced threat hunting initiatives and annual Purple Team exercises to validate logging, uncover emerging attacker tactics, and close detection gaps.

• Design and implement Cyber Analytics programs that translate technical metrics into board-level security reporting, securing executive buy-in and organizational funding.

• Serve as an Incident Commander during active breaches, coordinating with stakeholders and maintaining business continuity throughout containment and recovery.

Requirements:

• 10+ years of hands-on experience in cybersecurity, specifically building and scaling global Security Operations Centers and leading enterprise-wide incident response programs.

• Deep expertise in the CrowdStrike ecosystem (Falcon, OverWatch, Spotlight, LogScale).

• Demonstrated ability to manage cross-functional teams and communicate complex cyber risk to the C-suite and Board of Directors.

• Strong background in network and detection engineering (YARA, SIGMA, Zeek, Suricata, Detection-as-Code).

• Proficiency in programming and scripting (Python, SQL, Bash) for security automation and tool development.

• Bachelor’s degree in a relevant field or equivalent professional experience.

Preferred Qualifications:

• Proven experience developing and deploying AI-driven security innovations, such as autonomous detection engineering, AI-powered YARA agents, or XSOAR machine learning integrations.

• Recognized subject matter expertise in AI threats, adversarial obfuscation, and prompt injection (e.g., speaking engagements at major conferences like FS-ISAC).

• Prior experience in a professional services or consulting firm, including client onboarding, architecture discussions, and pre-sales scoping.

• Active or prior industry certifications (e.g., GCIA, CISSP).

Your recruiter will be happy to walk you through your U.S.-specific benefits, which include:

• Healthcare Coverage: Comprehensive medical, dental, and vision plans.

• Time Off and Leave Policies: Generous paid time off (PTO), paid company holidays, generous parental and family leave.

• Protective Insurances: Life insurance, short- and long-term disability coverage, and accident protection.

• Compensation and Rewards: Competitive salary structures, performance-based incentives, and merit-based compensation reviews.

• Retirement Plans: 401(k) plans with company matching.

Please note that benefits may vary by region, department and role. We encourage you to speak with your recruiter to learn more about the specific benefits available for your position.

About Kroll

Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll.

In order to be considered for a position, you must formally apply via careers.kroll.com.

We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.

The current salary range for this position is $150,000 to $250,000

#LI-CN1

#LI-Remote