Network Detection and Response (NDR) Specialist
Mumbai, MH, India
Arista Networks
Arista Networks was founded to pioneer and deliver software-driven cloud networking solutions for large data center storage and computing environments. Arista’s award-winning platforms, ranging in Ethernet speeds from 10 to 100 gigabits per...
Company Description
Arista Networks is an industry leader in data-driven, client-to-cloud networking for large data center, campus and routing environments. Arista is a well-established and profitable company with over $7 billion in revenue. Arista’s award-winning platforms, ranging in Ethernet speeds up to 800G bits per second, redefine scalability, agility, and resilience. Arista is a founding member of the Ultra Ethernet consortium. We have shipped over 20 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Arista is committed to open standards, and its products are available worldwide directly and through partners.
At Arista, we value the diversity of thought and perspectives each employee brings. We believe fostering an inclusive environment where individuals from various backgrounds and experiences feel welcome is essential for driving creativity and innovation.
Our commitment to excellence has earned us several prestigious awards, such as the Great Place to Work Survey for Best Engineering Team and Best Company for Diversity, Compensation, and Work-Life Balance. At Arista, we take pride in our track record of success and strive to maintain the highest quality and performance standards in everything we do.
Job Description
Who You’ll Work With
In this role as a Network Detection and Response (NDR) Specialist, you will work closely with Security Operations Center (SOC) analysts, threat hunters, incident response teams, network and infrastructure teams, and IT security leadership. You will also collaborate with cybersecurity architects, intelligence analysts, and tool administrators to ensure effective deployment, tuning, and integration of NDR platforms. Coordination with external vendors and platform providers (such as Vectra, Darktrace, or ExtraHop) may also be required for tool optimization and support. This role demands strong cross-functional engagement to enable rapid threat detection, investigation, response, and continuous improvement of the organization’s security posture.
What You’ll Do
Arista is seeking a skilled and proactive Network Detection and Response (NDR) Specialist to join our cybersecurity team. The ideal candidate will be responsible for monitoring, detecting, investigating, and responding to network-based threats using advanced NDR platforms. This role is crucial in strengthening our organization’s threat detection capabilities and reducing cyber risks in real time.
Key Responsibilities:
- Monitor network traffic to detect malicious or anomalous activity using NDR solutions (e.g., Darktrace, Vectra, ExtraHop, Corelight).
- Configure, maintain, and fine-tune NDR tools to optimize detection capabilities and minimize false positives.
- Conduct deep-dive analysis of network events to identify indicators of compromise (IoCs) and tactics, techniques, and procedures (TTPs).
- Collaborate with SOC analysts, threat hunters, and other teams to contain and remediate threats.
- Perform forensic investigations of network packets and flows using tools such as Wireshark, Zeek, or Suricata.
- Develop detection rules, playbooks, and alerting mechanisms aligned with the MITRE ATT&CK framework.
- Assist in threat intelligence enrichment and correlation with network-based alerts.
- Prepare root cause analyses and recommendations for enhancing network security posture.
- Stay current on emerging threats, attack techniques, and NDR technologies.
Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field (or equivalent experience).
- 3–5 years of experience in cybersecurity, with at least 2 years focused on NDR or network security.
- Hands-on experience with one or more NDR platforms (Vectra AI, Darktrace, ExtraHop, etc.).
- Strong understanding of network protocols (TCP/IP, DNS, HTTP, etc.) and packet analysis.
- Familiarity with threat detection and response processes.
- Working knowledge of SIEM platforms, firewalls, IDS/IPS, and EDR solutions.
- Experience using MITRE ATT&CK, PCAP analysis, and threat intelligence feeds.
Preferred Qualifications:
- Certifications such as GCIA, GCIH, CEH, CISSP, or equivalent.
- Experience in scripting (Python, PowerShell, Bash) for automation and data analysis.
- Knowledge of cloud environments (AWS, Azure, GCP) and their networking components.
- Experience integrating NDR with SOAR/SIEM for automation and correlation.
- Analytical mindset with strong problem-solving skills.
- Ability to work under pressure.
- Excellent verbal and written communication skills.
- Team player with the ability to collaborate across technical and non-technical teams.
Additional Information
Arista stands out as an engineering-centric company. Our leadership, including founders and engineering managers, are all engineers who understand sound software engineering principles and the importance of doing things right.
We hire globally into our diverse team. At Arista, engineers have complete ownership of their projects. Our management structure is flat and streamlined, and software engineering is led by those who understand it best. We prioritize the development and utilization of test automation tools.
Our engineers have access to every part of the company, providing opportunities to work across various domains. Arista is headquartered in Santa Clara, California, with development offices in Australia, Canada, India, Ireland, and the US. We consider all our R&D centers equal in stature.
Join us to shape the future of networking and be part of a culture that values invention, quality, respect, and fun.
Tags: Automation AWS Azure Bash CEH CISSP Cloud Computer Science DNS EDR Ethernet Firewalls GCIA GCIH GCP IDS Incident response IPS MITRE ATT&CK Monitoring Network security PCAP PowerShell Python R&D Scripting SIEM SOAR SOC TCP/IP Threat detection Threat intelligence TTPs
Perks/benefits: Team events