Experience
4 - 9 yrs
Salary
₹ 4-9 Lacs P.A.
Job Location
Chennai, India
Vacancy
1
Designation
AI Consultant
Job Type
ONSITE
Job Description
- We are seeking a skilled NDR Security Engineer to design, implement, and manage a Network Detection and Response (NDR) presence across customer environments.
- The ideal candidate will have deep expertise in cloud networking, traffic analysis, and security operations, with a proven ability to deploy NDR solutions that enhance threat visibility and response.
- This role will collaborate with security, DevOps, and network teams to ensure comprehensive monitoring and rapid incident mitigation in dynamic customer infrastructure.
Key Responsibilities:
NDR Deployment:
- Architect and deploy NDR solutions (e.g., ExtraHop, Vectra AI, Darktrace) in AWS and Azure to monitor critical workloads.
- Configure traffic mirroring using AWS VPC Traffic Mirroring and Azure Virtual Network TAP (vTAP) to feed network data to the NDR platform.
- Implement centralized traffic aggregation across multiple VPCs/VNets using AWS Transit Gateway or Azure Virtual WAN.
Cloud Integration:
- Integrate NDR with AWS services (GuardDuty, Security Hub, CloudWatch) and Azure services (Defender for Cloud, Sentinel, Azure Monitor) for layered threat detection.
- Pipe metadata from VPC Flow Logs and NSG Flow Logs into the NDR for enhanced context.
Automation and Scalability:
- Develop and maintain Infrastructure-as-Code (IaC) templates (e.g., CloudFormation, ARM, Terraform) to automate NDR deployments.
- Create scripts (e.g., Python, PowerShell) and automation workflows (e.g., Lambda, Azure Functions) to dynamically adjust traffic mirroring and respond to threats.
- Implement auto-scaling for NDR instances to handle variable traffic loads.
Threat Detection and Response:
- Analyse network traffic and behavioural patterns to identify anomalies (e.g., lateral movement, data exfiltration).
- Triage NDR alerts, correlate with cloud-native findings, and recommend or automate containment actions (e.g., isolate compromised instances).
- Conduct forensic analysis using captured traffic data for post-incident investigations.
Optimization and Testing:
- Tune NDR configurations to reduce false positives and optimize performance (e.g., filter benign traffic).
- Simulate attacks (e.g., port scans, malware) to validate detection and response capabilities.
- Monitor and manage costs related to traffic mirroring, storage (e.g., S3, Blob Storage), and NDR operations.
Documentation and Collaboration:
- Document NDR architecture, configurations, and incident response procedures.
- Collaborate with SOC analysts, cloud architects, and stakeholders to align NDR with organizational security goals.
- Present findings and recommendations to technical and non-technical audiences.
Keywords
VectraNDR