10 Ndr Jobs

Your day at NTT DATA The Security Platform Engineer is a seasoned subject matter expert, responsible for facilitating problem resolution and mentoring for the overall team. This role performs operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). The Security Platform Engineer is responsible for detecting and monitoring escalated threats and suspicious activity affecting the organization's technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments). What you'll be doing Key Responsibilities: Works as part of a 24/7 team working on rotational shifts. Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings. Administers the organization's security tools to gather security logs from environment. Performs lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update. Adheres to SOPs and notify stake holders on log flow/log format issues. Documents best practices. Identifies opportunities to make automations which will help the incident response team. Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/Ss, and general security infrastructure. Carries out agreed maintenance tasks. Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required. Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information. Investigates causes of incidents and seeks resolution. Escalates unresolved incidents and follow up until incident is resolved. Provides service recovery, following resolution of incidents. Documents and closes resolved incidents according to agreed procedures. Investigates and identifies root cause of incidents and assist with the implementation of agreed remedies and preventative measures. Maintains knowledge of specific specialisms, provides detailed advice regarding their application. Ensures efficient and comprehensive resolution of incidents, including ensuring that repairs are carried out by coordinating product requests, working with other team members. Logs all such incidents in a timely manner with the required level of detail with all the necessary. Cooperates with all stakeholders including client IT environments, vendors and carriers to expedite diagnosis of errors and problems and to identify a resolution. Knowledge and Attributes: Seasoned working knowledge on implementation and monitoring of any SIEM or security tools/technologies. Seasoned knowledge on security architecture, worked across different security technologies. Customer service orientated and pro-active thinking. Problem solver who is highly driven and self-organized. Great attention to detail. Good analytical and logical thinking. Excellent spoken and written communication skills. Team player with the ability to work well with others and in group with colleagues and stakeholders. Academic Qualifications and Certifications: Bachelor's degree or equivalent in Information Technology or related field. Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred. Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM etc. will be added advantage. Required Experience: Seasoned experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.). Seasoned experience in technical support to clients. Seasoned experience in diagnosis and troubleshooting. Seasoned experience providing remote support in Security Technologies. Seasoned experience in SOC/CSIRT Operations. Seasoned experience in handling security incidents end to end. Knowledge on networking, Linux and security concepts. Seasoned experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools. Knowledge on log collection mechanism such as Syslog, Log file, DB API. Knowledge in security architecture. Seasoned experience in Security engineering.

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

As an L1 SOC Analyst, you will be responsible for monitoring alerts and triaging basic security events from SIEM, EDR, and NDR platforms. Your role includes identifying suspicious activities, escalating incidents as per defined SOPs, and supporting the security operations team in daily monitoring tasks. Key Responsibilities: Monitor alerts from SIEM (QRadar, Microsoft Sentinel), EDR (Microsoft Defender for Endpoint), and NDR (LinkShadow/Darktrace) platforms Triage basic security events and validate incidents using established playbooks Escalate potential threats to L2 analysts based on severity and context Review and respond to AV/EDR alerts and execute predefined security queries Log incidents, document actions, and maintain ticketing system with accurate updates Enrich alerts with known threat intelligence and IOCs (IP, domain, file hashes) Support incident response efforts for phishing, malware, brute-force attacks, etc. Collaborate with team members and shift leads to ensure 24x7 monitoring coverage Tool Experience (Preferred): SIEM Tools: Basic use of QRadar and Microsoft Sentinel EDR/XDR: Microsoft Defender for Endpoint, Antivirus consoles NDR: LinkShadow or Darktrace (basic familiarity) Other Tools: Microsoft Exchange Online Protection (EOP), Azure AD Sign-In Logs (optional) Certifications (Preferred): CompTIA Security+ Microsoft SC-900 Shift Readiness: This role requires flexibility to work in 24x7 rotational shifts , including nights, weekends, and holidays. Required Skills: Understanding of basic cybersecurity concepts Familiarity with security alert triage and incident logging Basic knowledge of Indicators of Compromise (IOCs) Fast learner with strong attention to detail Effective communicator and team player

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

Company : Clover Infotech Location : Chennai Hiring for Cisco Stealthwatch (Cisco NDR) professionals will be working on Banking project We are looking at someone with upgradation and Implementation expereince Pls note : This is full time position in Chennai

Knowledge of Information Security technologies (EDR, NDR, IPS, WAF, SIEM) Understanding of networking protocols (TCP/IP) security methodologies (ACL/NAC) & topologies Working knowledge of Windows and Linux OS, security incident response processes Required Candidate profile Working knowledge of analyzing, responding & remediating network intrusions, web app, & server attacks, scripting ,root cause determination, containerization concepts & tools

Role & responsibilities Design, deploy and maintain the Darktrace NDR Platform. Integrate the solution with existing tools & technologies (FW, endpoint solutions, SIEM, etc.) Configure & optimize detection algorithms & policies to align with organizations network environment, Perform regular system health checks & upgrade to ensure platform stability & security. Manage platform user accounts, roles, access control. Generate & distribute performance reports & operational summaries. Support Incident response when required.

About the role Lead the strategy, design, and development of the shared data platform to meet company objectives founded on a thorough understanding of business unit strategies and objectives, the competitive landscape, and current and potential future business challenges. Use a data-focused approach to ensure each initiative on our product roadmap delivers a meaningful impact to our business and users. Voice of Customer Partner with pre and post sales teams as well as Trellix partners to understand the customer pain points and translate that into product strategy and bring clarity to engineering teams for execution of that strategy. Develop deep and trusted relationships with key customers, partners, and other key stakeholders. Drive Results - Attack everything with drive and energy with an eye on both the bottom line and customer success Create a talent plan designed to develop, motivate/coach, and retain top product management talent. Influence others, with strong attention to detail, excellent organization skills, and ability to manage multiple projects and responsibility. About you You bring 7+ years of cybersecurity experience (SIEM, XDR, EDR, NDR, SOC Analyst, Threat Research) and a track record of success at leading technology and product organizations while being both a strategist and executor. A customer-centric software product leader and domain expert with a history of developing a product strategy that aligns with the corporate strategy and delivering results in a fast-paced, dynamic environment. You bring years of product management experience in a product led company, developing, and executing against a product roadmap that delivers revenue growth. You bring experience building and evangelizing products that cater to security operations centers and clearly understands the day-to-day workflows that take place in those organizations such as event ingestion, enrichment, detection, analysis and response. You bring a high level of technical understanding in the areas of virtual infrastructure, container architecture, event processing, normalization and parsing, database architecture, detection engines, event transfer protocols and mechanisms and UX. You have highly effective communication & data presentation skills, enabling you to influence both business and technical teams, from executive leadership to the company. Ability to prioritize & handle multiple requests concurrently and consistently deliver superior results in a timely fashion. Effective change agent, can lead change, think out of the box, & make new ideas happen. Ability to communicate vision and strategy. You are collaborative, diplomatic, and humble. You have no problem rolling up your sleeves to help when needed.

We are seeking a Cloud Engineer to design, implement, and maintain cloud infrastructure (AWS, Azure, GCP). Key responsibilities include cloud architecture, system administration, automation, security, cost management, and documentation. Experience with migrating Exchange and SharePoint to cloud solutions is required. Collaborate with, cross-functional teams to design, implement, and maintain cloud infrastructure solutions. Provide technical guidance and support to resolve complex issues related to cloud services, Cyber Security, Networks. Perform regular assessments and audits to ensure the security, reliability, and efficiency of cloud environments. Participate in planning and executing cloud migration projects, including workload assessments, resource provisioning, and data migration strategies. Work as a Technical Consultant for Various Microsoft Technologies and its Security products. Hosted Exchange and Online Exchange Migration SharePoint and OneDrive Migration Teams, Enterprise Roaming Profile and Intune Deployment Spam Filters and Endpoint Security, EDR, XDR, NDR, MDR Work with Pass-through, Federated auth, SSO, Hybrid access, Cloud Sync, Delegation, Self Service. MFA, Conditional Policies, PIM, Vulnerabilities and risk assessment. Encryption, Risk Asses, Incidence management, VA, Penetration test, IDS/IPS, compliance

Roles and Responsibilities Design, implement, and maintain security solutions such as Firewall, IPS/IDS, WAF, DLP, APT, NDR, DDoS Tool, Web Gateway, Anti-Spam and Email Security Gateway. Configure F5 Load Balancer for high availability and scalability. Monitor network traffic using tools like Insider Threat Management System to detect potential threats. Implement Insider Threat Management strategies to mitigate risks from within the organization. Ensure compliance with industry standards for IT security best practices. Mandatory Certifications / Diplomas: NSE4/PCNSE/F5/ F5 Certified BIG-IP Administrator/CISSP