What you'd actually do

Serve as the primary technical advisor for assigned strategic customer accounts

Develop and maintain trusted advisor relationships with customer security teams and leadership

Understand customer security operations workflows, use cases, and business objectives

Mentor customer teams on SIEM best practices and threat hunting techniques

Guide customers through Next-Gen SIEM deployment, configuration, and integration

Skills

Required

8+ years of experience in security operations, SIEM administration, or security engineering
Familiarity with at least one major SIEM platform (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)
Understanding of query languages (SQL, SPL, KQL, CQL, or similar)
Experience with detection engineering and correlation rule development
Knowledge of common log sources (Windows, Linux, network devices, cloud platforms)
Familiarity with scripting/automation (Python, PowerShell, Bash)
Understanding of cloud security (AWS, Azure, GCP, OCI)
Familiarity with endpoint detection and response (EDR) concepts
Exceptional communication skills with ability to explain technical concepts to varied audiences
Strong presentation and training delivery capabilities
Self-motivated with excellent time management and prioritization skills
Customer-focused mindset with commitment to driving customer success
Ability to work independently in a remote/embedded environment
Strong problem-solving and analytical thinking abilities

Nice to have

Familiarity with several major SIEM platforms (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)
Experience with CrowdStrike Falcon platform and Next-Gen SIEM
CrowdStrike certification (CCFA, CCFH, or similar)
Previous consulting or customer-facing technical role experience
Industry certifications (CISSP, GCIA, GCIH, CEH, or similar)
Experience with SOAR platforms and security automation
Knowledge of threat intelligence platforms and frameworks

What the JD emphasized

8+ years of experience in security operations, SIEM administration, or security engineering

Familiarity with at least one major SIEM platform (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)

Understanding of query languages (SQL, SPL, KQL, CQL, or similar)

Experience with detection engineering and correlation rule development

Familiarity with scripting/automation (Python, PowerShell, Bash)

As a global leader in cybersecurity, CrowdStrike protects the people, processes and technologies that drive modern organizations. Since 2011, our mission hasn’t changed — we’re here to stop breaches, and we’ve redefined modern security with the world’s most advanced AI-native platform. Our customers span all industries, and they count on CrowdStrike to keep their businesses running, their communities safe and their lives moving forward. We’re also a mission-driven company. We cultivate a culture that gives every CrowdStriker both the flexibility and autonomy to own their careers. We’re always looking to add talented CrowdStrikers to the team who have limitless passion, a relentless focus on innovation and a fanatical commitment to our customers, our community and each other. Ready to join a mission that matters? The future of cybersecurity starts with you.

About the Role:

The Next-Gen SIEM Senior Resident Consultant is an embedded technical advisor who partners closely with strategic customers to maximize the value of their CrowdStrike Next-Gen SIEM investment. This role combines technical expertise with strategic consulting to drive successful Next-Gen SIEM adoption, optimization, and ongoing operational excellence. The senior resident consultant is responsible for the planning, deployment, implementation, and operational support of the customer’s Next-Gen SIEM environment.

What You’ll Do:

Customer Partnership & Strategy

Serve as the primary technical advisor for assigned strategic customer accounts
Develop and maintain trusted advisor relationships with customer security teams and leadership
Understand customer security operations workflows, use cases, and business objectives
Mentor customer teams on SIEM best practices and threat hunting techniques

Technical Implementation & Optimization

Guide customers through Next-Gen SIEM deployment, configuration, and integration
Optimize data ingestion strategies and log source configurations
Design and implement custom detection rules, correlation searches, and use cases
Develop dashboards, reports, and visualizations tailored to customer requirements
Assist with migration of detection content from legacy SIEM platforms (Splunk, QRadar, etc.)
Perform health checks and platform optimization reviews
Troubleshoot complex technical issues and coordinate with engineering teams as needed
Track and report on key performance indicators and success metrics
Identify opportunities for automation and workflow improvements
Contribute to internal knowledge base and best practices documentation
Mentor new consultants on the team and ensure their enablement

What You’ll Need:

Technical Skills

8+ years of experience in security operations, SIEM administration, or security engineering
Familiarity with at least one major SIEM platform (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)
Understanding of query languages (SQL, SPL, KQL, CQL, or similar)
Experience with detection engineering and correlation rule development
Knowledge of common log sources (Windows, Linux, network devices, cloud platforms)
Familiarity with scripting/automation (Python, PowerShell, Bash)
Understanding of cloud security (AWS, Azure, GCP, OCI)
Familiarity with endpoint detection and response (EDR) concepts

Soft Skills

Exceptional communication skills with ability to explain technical concepts to varied audiences
Strong presentation and training delivery capabilities
Self-motivated with excellent time management and prioritization skills
Customer-focused mindset with commitment to driving customer success
Ability to work independently in a remote/embedded environment
Strong problem-solving and analytical thinking abilities

Bonus Points:

Familiarity with several major SIEM platforms (Next-Gen SIEM, LogScale, Splunk, QRadar, Sentinel, Chronicle, etc.)
Experience with CrowdStrike Falcon platform and Next-Gen SIEM
CrowdStrike certification (CCFA, CCFH, or similar)
Previous consulting or customer-facing technical role experience
Industry certifications (CISSP, GCIA, GCIH, CEH, or similar)
Experience with SOAR platforms and security automation
Knowledge of threat intelligence platforms and frameworks

#LI-DL1

#LI-Remote

This role may require the candidate to periodically undergo and pass alcohol and/or drug test(s) during the course of employment.

Benefits of Working at CrowdStrike:

Market leader in compensation and equity awards
Comprehensive physical and mental wellness programs
Competitive vacation and holidays for recharge
Paid parental and adoption leaves
Professional development opportunities for all employees regardless of level or role
Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
Vibrant office culture with world class amenities
Great Place to Work Certified™ across the globe

CrowdStrike is proud to be an equal opportunity employer. We are committed to fostering a culture of belonging where everyone is valued for who they are and empowered to succeed. We support veterans and individuals with disabilities through our affirmative action program.

CrowdStrike is committed to providing equal employment opportunity for all employees and applicants for employment. The Company does not discriminate in employment opportunities or practices on the basis of race, color, creed, ethnicity, religion, sex (including pregnancy or pregnancy-related medical conditions), sexual orientation, gender identity, marital or family status, veteran status, age, national origin, ancestry, physical disability (including HIV and AIDS), mental disability, medical condition, genetic information, membership or activity in a local human rights commission, status with regard to public assistance, or any other characteristic protected by law. We base all employment decisions--including recruitment, selection, training, compensation, benefits, discipline, promotions, transfers, lay-offs, return from lay-off, terminations and social/recreational programs--on valid job requirements.

If you need assistance accessing or reviewing the information on this website or need help submitting an application for employment or requesting an accommodation, please contact us at recruiting@crowdstrike.com for further assistance.

Find out more about your rights as an applicant.

CrowdStrike participates in the E-Verify program.

Notice of E-Verify Participation

Right to Work

CrowdStrike, Inc. is committed to fair and equitable compensation practices. Placement within the pay range is dependent on a variety of factors including, but not limited to, relevant work experience, skills, certifications, job level, supervisory status, and location. The base salary range for this position for all U.S. candidates is $100,000 - $155,000 per year, with eligibility for bonuses, equity grants and a comprehensive benefits package that includes health insurance, 401k and paid time off.

For detailed information about the U.S. benefits package, please click here.

Expected Close Date of Job Posting is:06-09-2026