NG SIEM Engineer


Overview

Remote
80,000 - 100,000
Full Time
25% Travel
Unable to Provide Sponsorship

Skills

CrowdStrike NG-SIEM Expert

Job Details

OVERVIEW

Reveald is a leading cybersecurity firm specializing in Managed Detection & Response (MDR), delivered 24x7 by our expert-staffed Fusion Center and powered by the cutting-edge Epiphany Intelligence Platform (EIP).


The Fusion Center is the heart of our operation, providing continuous security monitoring and detection across customer networks. Our analysts use their expertise in various SIEM/SOAR solutions to proactively hunt and respond to threats, ensuring continuous protection and resilience for our clients.


Beyond our core MDR service, we are rapidly expanding our go-to-market offerings to include Managed Prevention and strategic advisory services. Reveald empowers security teams to transition away from reactive practices by adopting Continuous Threat Exposure Management (CTEM), underpinned by deep expertise at every stage of the journey. By leveraging the EIP's unified intelligence, we help organizations move toward a continuously improving, proactive security posture focused on strategic risk mitigation and operational excellence. Join us as we redefine how organizations manage and measure cyber risk.

POSITION SUMMARY

In this role, you will be the primary technical architect and subject matter expert for CrowdStrike's Falcon Next-Gen (NG) SIEM platform (built on Falcon LogScale, formerly Humio). You will be responsible for the full lifecycle management of this environment within our subcontracting business, ensuring it meets the rigorous demands and specific security requirements of our partner contracts.

A critical focus will be on data pipeline integrity, optimization, and security analysis. This includes designing and implementing high-volume, reliable data ingestion flows from diverse data sources (cloud environments, networks, security controls, etc.) into CrowdStrike’s NG-SIEM. You will be responsible for leveraging these data insights to perform analysis and develop detection content for our clients’ environments. You will master complex data parsing, normalization, and indexing strategies, directly impacting the quality and speed of threat detection. Furthermore, you will serve as the top technical escalation point for any performance, availability, or architectural issues related to the SIEM infrastructure supporting this dedicated line of business.


MINIMUM QUALIFICATIONS

  • Bachelor’s degree in computer science, information systems, cybersecurity, a related technical field, or equivalent practical experience
  • 5 years in a Security Engineering, SIEM Administration, or Detection Engineering role
  • Experience working in a Managed Security Service Provider (MSSP), Consulting, or highly demanding partner/subcontracting environment
  • 2 years of hands-on experience administering, configuring, and deploying SIEM platforms (e.g., CrowdStrike NG-SIEM or Falcon LogScale, Splunk ES, IBM QRadar, Trellix Helix)
  • The CrowdStrike Certified SIEM Engineer (CCSE) and CrowdStrike Certified Falcon Administrator (CCFA) exams must be passed within six months of the hire date
  • Proficiency with CrowdStrike Query Language (CQL) for advanced search, analysis, and dashboard creation
  • Deep understanding of log collection methodologies (e.g., API, Syslog, Kafka) and the challenges of parsing, normalizing, and enriching high-volume data streams
  • Strong data onboarding experience
  • Experience in use case development and detection engineering based on SIEM data


PREFERRED QUALIFICATIONS

  • Prior engineering experience with other major SIEM or Log Management solutions (e.g., Splunk, Elastic Stack)
  • Hands-on experience integrating SIEM platforms with SOAR technologies
  • Proven ability to use scripting languages (e.g., Python) for security automation, data manipulation, and interacting with platform APIs
  • Familiarity with API security, serverless logging, and cloud service provider security modules (e.g., AWS Security Hub, Azure Security Center, now Microsoft Defender for Cloud) as they relate to data ingestion and analysis in a SIEM
  • Strong operational experience with Linux command-line tools for log management and system troubleshooting, particularly in environments running Docker or Kubernetes, since these platforms are common sources of high-volume log data
  • Practical experience integrating third-party threat intelligence feeds into the CrowdStrike NG-SIEM platform to enrich alerts and inform threat hunting activities
  • Relevant certifications for other major SIEM platforms (e.g., Splunk)

KEY RESPONSIBILITIES

  • CrowdStrike NG-SIEM Expertise: Lead the architecture, implementation, and maintenance of the CrowdStrike NG-SIEM environment for various client deployments.
  • Data Onboarding & Integration: Own the end-to-end data pipeline, ensuring high-quality ingestion, parsing, and normalization of diverse security data sources into the NG-SIEM platform across a range of client ecosystems.
  • Performance Optimization: Proactively monitor, tune, and scale the NG-SIEM infrastructure to ensure low latency and high availability.
  • Use Case Development & Detection Engineering: Conduct advanced security analysis and develop high-fidelity detection content (rules, alerts, dashboards, and reports) directly within the CrowdStrike SIEM to identify and triage security events in our partner environments.
  • Support for Partner Operations: Provide high-level technical support, troubleshooting, and documentation specifically focused on the SIEM environment within our subcontracting business structure.
  • Automation: Integrate the SIEM solution with existing SOAR and other security tools to automate workflows and enhance incident response efficiency.
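As an illustration of the data onboarding and detection engineering duties listed above, the following added example (not Reveald's or CrowdStrike's code) normalizes two constructed log formats, an sshd syslog line and a JSON authentication record, into one event schema and runs a simple failed-login threshold detection over the result. The sample log lines, the field names, the year assumed for the syslog timestamps, and the detection threshold and window are all assumptions made for the example.

```python
"""Normalize heterogeneous auth logs into one schema and run a threshold
detection. Added example for illustration only; the log lines, schema and
thresholds below are constructed, not taken from any real deployment."""
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Constructed sample input: two source formats as a SIEM pipeline would see them.
SAMPLE_LOGS = [
    "<38>Jan 10 10:00:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2",
    "<38>Jan 10 10:00:03 bastion sshd[2201]: Failed password for root from 203.0.113.5 port 51023 ssh2",
    '{"ts":"2025-01-10T10:00:04Z","src":"203.0.113.5","user":"root","outcome":"failure","product":"vpn"}',
    '{"ts":"2025-01-10T10:00:05Z","src":"203.0.113.5","user":"root","outcome":"failure","product":"vpn"}',
    "<38>Jan 10 10:00:06 bastion sshd[2201]: Accepted password for root from 203.0.113.5 port 51024 ssh2",
    '{"ts":"2025-01-10T10:00:09Z","src":"198.51.100.7","user":"alice","outcome":"success","product":"vpn"}',
    "this line is not parseable",
]

SSHD_RE = re.compile(
    r"^<\d+>(?P<mon>\w{3}) +(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)


def parse_sshd(line, year=2025):
    """Parse an sshd syslog line. Syslog omits the year, so one is assumed."""
    m = SSHD_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}",
                           "%Y %b %d %H:%M:%S").replace(tzinfo=timezone.utc)
    return {"ts": ts, "src_ip": m["src"], "user": m["user"],
            "outcome": "failure" if m["outcome"] == "Failed" else "success",
            "source": f"sshd@{m['host']}"}


def parse_json_auth(line):
    """Parse a constructed JSON auth record; reject anything missing a field."""
    try:
        rec = json.loads(line)
        ts = datetime.strptime(rec["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        return {"ts": ts, "src_ip": rec["src"], "user": rec["user"],
                "outcome": rec["outcome"], "source": rec["product"]}
    except (ValueError, KeyError, TypeError):
        return None


PARSERS = (parse_sshd, parse_json_auth)


def normalize(lines):
    """Map every line to the common schema; unparseable lines are kept aside
    rather than silently dropped, so ingestion gaps stay visible."""
    events, dropped = [], []
    for line in lines:
        for parser in PARSERS:
            ev = parser(line)
            if ev is not None:
                events.append(ev)
                break
        else:
            dropped.append(line)
    events.sort(key=lambda e: e["ts"])
    return events, dropped


def detect_auth_spray(events, threshold=3, window=timedelta(seconds=60)):
    """Emit a 'medium' alert when a source IP reaches `threshold` failures
    inside `window` (any source), and a 'high' alert if a success from that
    IP follows while the failures are still within the window."""
    failures = defaultdict(list)
    alerts = []
    for ev in events:
        ip = ev["src_ip"]
        cutoff = ev["ts"] - window
        failures[ip] = [t for t in failures[ip] if t >= cutoff]
        if ev["outcome"] == "failure":
            failures[ip].append(ev["ts"])
            if len(failures[ip]) == threshold:
                alerts.append({"severity": "medium", "src_ip": ip, "ts": ev["ts"],
                               "reason": f"{threshold} auth failures within {window}"})
        elif ev["outcome"] == "success" and len(failures[ip]) >= threshold:
            alerts.append({"severity": "high", "src_ip": ip, "ts": ev["ts"],
                           "reason": f"success for {ev['user']} after "
                                     f"{len(failures[ip])} failures"})
    return alerts


if __name__ == "__main__":
    evs, bad = normalize(SAMPLE_LOGS)
    print(f"normalized {len(evs)} events, {len(bad)} unparsed")
    for a in detect_auth_spray(evs):
        print(a["severity"], a["src_ip"], a["ts"].isoformat(), a["reason"])
```

The detection deliberately correlates across both sources after normalization; the same logic written against raw syslog alone would miss the VPN failures and never reach the threshold. Parsing failures are returned rather than discarded so the pipeline owner can see which source needs a new parser.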

COMPENSATION/BENEFITS

Reveald offers a compensation and benefits package that truly supports you and your family. In addition to a competitive compensation package, you'll receive comprehensive health, dental, and vision insurance, along with life and disability coverage. We're also invested in your future, which is why we offer a 401(k) plan with a generous company match. You'll enjoy a culture built on support and optimism, with flexible paid time off and paid holidays to help you recharge. Best of all, you're joining a team that genuinely believes in having fun while we work.


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.