Position: CrowdStrike Next-Gen SIEM Associate Consultant (Remote)
Crowd Strike, Inc.
Full time
R26940
As a global leader in cybersecurity, Crowd Strike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn't changed — we're here to stop breaches, and we've redefined modern security with the world's most advanced AI-native platform. Our customers span all industries, and they count on Crowd Strike to keep their businesses running, their communities safe and their lives moving forward.
We're also a mission-driven company. We cultivate a culture that gives every Crowd Striker both the flexibility and autonomy to own their careers. We're always looking to add talented Crowd Strikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters?
The future of cybersecurity starts with you.
About the Role:
The Next-Gen SIEM Associate Resident Consultant is an embedded technical advisor who partners closely with strategic customers to maximize the value of their Crowd Strike Next-Gen SIEM investment. This role combines technical expertise with strategic consulting to drive successful Next-Gen SIEM adoption, optimization, and ongoing operational excellence. The associate resident consultant is responsible for the planning, deployment, implementation, and operational support of the customer's Next-Gen SIEM environment.
What
You'll Do:
Customer Partnership & Strategy
• Serve as the primary technical advisor for assigned strategic customer accounts
• Develop and maintain trusted advisor relationships with customer security teams and leadership
• Understand customer security operations workflows, use cases, and business objectives
• Mentor customer teams on SIEM best practices and threat hunting techniques
Technical Implementation & Optimization
• Guide customers through Next-Gen SIEM deployment, configuration, and integration
• Optimize data ingestion strategies and log source configurations
• Design and implement custom detection rules, correlation searches, and use cases
• Develop dashboards, reports, and visualizations tailored to customer requirements
• Assist with migration of detection content from legacy SIEM platforms (Splunk, QRadar, etc.)
• Perform health checks and platform optimization reviews
• Troubleshoot complex technical issues and coordinate with engineering teams as needed
• Track and report on key performance indicators and success metrics
Identify opportunities for automation and workflow improvements
• Contribute to internal knowledge base and best practices documentation
What You'll Need:
Technical Skills
• 2+ years of experience in security operations, SIEM administration, or security engineering
• Familiarity with at least one major SIEM platform (Next-Gen SIEM, Log Scale, Splunk, QRadar, Sentinel, Chronicle, etc.)
• Understanding of query languages (SQL, SPL, KQL, CQL, or similar)
• Experience with detection engineering and correlation rule development
• Knowledge of common log sources (Windows, Linux, network devices, cloud platforms)
• Familiarity with scripting/automation (Python, Power Shell, Bash)
• Understanding of cloud security (AWS, Azure, GCP, OCI)
• Familiarity with endpoint detection and response (EDR) concepts
Soft Skills
• Exceptional communication skills with ability to explain technical concepts to varied audiences
• Strong presentation and training delivery capabilities
• Self-motivated with excellent time management and prioritization skills
• Customer-focused mindset with commitment to driving customer success
• Ability to work independently in a remote/embedded environment
• Strong problem-solving and analytical thinking abilities
Bonus Points:
• Experience with Crowd Strike Falcon platform and Next-Gen SIEM
• Crowd Strike certification (CCFA, CCFH, or similar)
• Previous consulting or customer-facing technical role experience
• Industry certifications (CISSP, GCIA, GCIH, CEH, or similar)
• Experience with SOAR platforms and security automation
• Knowledge of threat intelligence platforms and frameworks
#LI-DL1
#LI-Remote
This role may require the candidate to periodically undergo and pass alcohol and/or drug test(s) during the course of employment.
Benefi…