Director, Cyber Engineered Defense (CrowdStrike Services)

Kroll is a global leader in risk and financial advisory solutions, providing managed security services to enhance cyber resilience for clients. The Director of Cyber Engineered Defense will lead CrowdStrike consulting services, acting as an advisor to executive stakeholders while focusing on advanced threat assessments and modernizing Security Operations Centers.

Responsibilities:

• Lead complex, large-scale CrowdStrike deployments and architecture designs, including highly complex or OT-heavy enterprise environments spanning hundreds of thousands of endpoints
• Direct and execute Compromise and Hygiene Assessments leveraging CrowdStrike Falcon to establish visibility, identify active threats, and deliver actionable intelligence to executive leadership
• Modernize client detection infrastructures by engineering pipelines to collect, standardize, and forward events into Next-Gen SIEMs, specifically CrowdStrike LogScale
• Provide premier SOC consulting services, including the design, launch, and operationalization of 24/7 global Security Operations Centers, complete with automated quality assurance frameworks
• Lead advanced threat hunting initiatives and annual Purple Team exercises to validate logging, uncover emerging attacker tactics, and close detection gaps
• Design and implement Cyber Analytics programs that translate technical metrics into board-level security reporting, securing executive buy-in and organizational funding
• Serve as an Incident Commander during active breaches, coordinating with stakeholders and maintaining business continuity throughout containment and recovery

Requirements:

• 10+ years of hands-on experience in cybersecurity, specifically building and scaling global Security Operations Centers and leading enterprise-wide incident response programs
• Deep expertise in the CrowdStrike ecosystem (Falcon, OverWatch, Spotlight, LogScale)
• Demonstrated ability to manage cross-functional teams and communicate complex cyber risk to the C-suite and Board of Directors
• Strong background in network and detection engineering (YARA, SIGMA, Zeek, Suricata, Detection-as-Code)
• Proficiency in programming and scripting (Python, SQL, Bash) for security automation and tool development
• Bachelor's degree in a relevant field or equivalent professional experience
• Proven experience developing and deploying AI-driven security innovations, such as autonomous detection engineering, AI-powered YARA agents, or XSOAR machine learning integrations
• Recognized subject matter expertise in AI threats, adversarial obfuscation, and prompt injection (e.g., speaking engagements at major conferences like FS-ISAC)
• Prior experience in a professional services or consulting firm, including client onboarding, architecture discussions, and pre-sales scoping
• Active or prior industry certifications (e.g., GCIA, CISSP)