Ground every answer in facts on this page and the original listing. We never invent Glassdoor-style reviews or salaries that are not in our data.
Strong fit if you combine hands-on cloud security and CrowdStrike depth with senior leadership. Weaker fit if you prefer pure IC coding without advisory or managerial scope. Location is U.S.-based and not marked remote in the listing data.
As Senior Manager – Cloud Security Engineer (CrowdStrike) at Kroll, you would likely own cloud security design and operations with CrowdStrike tooling, guide engineers and client-facing advisors, harden cloud estates, and help turn detections into clear risk guidance for stakeholders.
Prioritize CrowdStrike (EDR/XDR), cloud security on major platforms (IAM, logging, network controls), detection engineering, and incident response basics. Leadership skills matter for a senior manager path: mentoring, prioritization, and clear risk communication. No specific cert list was provided for this family.
The listing marks remote as no; treat it as U.S.-based unless Kroll clarifies hybrid options later.
The title centers on cloud security engineering with CrowdStrike, under a senior manager level.
See Kroll’s Cyber Strategy and Advisory conversations and kroll.com for practice context.
Website: kroll.com
Public cache only — not an employee review.
Kroll is seeking a Senior Manager – Cloud Security Engineer (CrowdStrike) to launch and lead its Falcon Cloud Security deployment practice for clients across the United States. This is a hands-on, player-coach role for an engineer who wants to architect cloud-native defenses while mentoring the next generation of consultants. About the Role Within Kroll's Cyber & Data Resilience capability, you will build and run the practice responsible for deploying, configuring, integrating, and tuning CrowdStrike Falcon Cloud Security end-to-end inside each client's Falcon tenant. Falcon Cloud Security is a unified Cloud-Native Application Protection Platform (CNAPP) covering CSPM, CWP, CIEM, KSPM, ASPM, DSPM, IaC scanning, and container and Kubernetes runtime protection across AWS, Azure, and Google Cloud. Reporting into the Engineered Defense / Tech Transformation leadership team, you will personally drive engagement delivery while guiding junior consultants and collaborating with CrowdStrike account teams on scoping. The position is full-time and based in the United States. Key Responsibilities Onboard client AWS, Azure, and GCP environments to Falcon Cloud Security at scale using CloudFormation StackSets, Bicep / Entra ID integrations, and GCP service account patterns. Deploy the Falcon sensor across VMs, container hosts, and Kubernetes nodes, and stand up agentless snapshot scanning to close coverage gaps. Roll out the Kubernetes Admission Controller, container image registry scanning, IaC scanning, and serverless protection into client CI/CD pipelines. Configure CSPM, CWP, KSPM, ASPM, DSPM, and CIEM policies, including IOM and IOA rules, compliance frameworks (CIS, NIST, PCI-DSS, HIPAA, SOC 2), and ExPRT.AI risk prioritization. Ingest cloud telemetry into Falcon Next-Gen SIEM (LogScale) and build detection content mapped to the MITRE ATT&CK Cloud Matrix. Develop Falcon Fusion SOAR playbooks and integrate with Falcon Identity Protection, Insight (EDR), AIDR, and Charlotte AI workflows. Tune IOM/IOA policies and validate detection coverage through controlled adversary emulation. Qualifications Deep hands-on expertise with CrowdStrike Falcon Cloud Security and the broader Falcon platform. Strong working knowledge of AWS, Azure, and GCP architecture, identity, and logging. Proven experience with Kubernetes, container security, IaC, and CI/CD integrations. Detection engineering skills, including CQL and MITRE ATT&CK-aligned content development. Demonstrated ability to lead delivery while mentoring consultants and…
Generated for personal interview prep · 2026-07-15 UTC · getajob.ai