Position Title: Network Detection & Response (NDR) Architect
Location: Arlington, VA or Laurel, MD (Hybrid)
Clearance Requirements: Active Secret Clearance Required
Position Status: 2-Year Contract
Pay Rate: $70 - $85/hr.
Position Description: We are seeking a highly skilled Network Detection & Response (NDR) Architect to design, build, and optimize advanced network security solutions for a large-scale federal environment. This role is ideal for a cybersecurity professional who excels in threat detection, network architecture, and the deployment of cutting-edge NDR technologies.
You will lead the architecture, integration, and continuous enhancement of enterprise NDR platforms—working across security, network, and incident response teams to strengthen the organization’s overall cyber defense posture.
SEO Keywords Included: NDR Architect, Network Detection and Response, Cybersecurity Architect, ExtraHop, Darktrace, Vectra, Network Security, Federal Cybersecurity, Threat Detection, Incident Response, SIEM, SOAR, Zero Trust, Network Architecture, Cyber Defense.
Required Skills/Education:
Core Responsibilities
- Architect and deploy enterprise-level Network Detection & Response (NDR) solutions.
- Configure and optimize NDR platforms such as ExtraHop Reveal(x), Darktrace, or Vectra Cognito.
- Integrate NDR capabilities with existing SIEM, SOAR, EDR, and network security infrastructure.
- Lead network traffic analysis, threat hunting, and anomaly detection activities.
- Develop custom detection rules, signatures, and automation workflows.
- Conduct incident response, forensic investigations, and create response playbooks.
- Build and maintain network segmentation strategies aligned with Zero Trust principles.
- Perform ongoing tuning, optimization, and assessments to improve threat visibility.
- Prepare and deliver clear reports, dashboards, and briefings to technical and non-technical teams.
- Ensure NDR operations meet compliance requirements such as GDPR, PCI DSS, HIPAA, and federal standards.
- Maintain documentation, policies, and procedures supporting audits and governance.
Technical Expertise
- Deep understanding of network protocols (TCP/IP, DNS, HTTP/S) and the OSI model.
- Expertise in network security architecture, packet analysis, and traffic baselining.
- Strong knowledge of cyber threat tactics (APTs, malware, DDoS, lateral movement, exfiltration).
- Hands-on experience with NDR tools: ExtraHop, Darktrace, Vectra, etc.
- Familiarity with SIEM platforms (Splunk, QRadar, LogRhythm) and SOAR tools (XSOAR, Swimlane, Phantom).
- Understanding of encryption, PKI, TLS, identity security, and Zero Trust principles.
- Experience working with cloud environments (AWS, Azure, or GCP).
- Comfort with virtualization, containers, and orchestration tools (VMware, Docker, Kubernetes).
Programming & Automation
- Proficiency in Python, PowerShell, or Bash for automation and custom tooling.
- Experience with API integrations, security automation, and workflow scripting.
Analytical & Problem-Solving Skills
- Ability to analyze complex datasets and identify meaningful threat patterns.
- Strong troubleshooting, root-cause analysis, and adversarial thinking.
- Ability to detect subtle behaviors associated with APTs and insider threats.
Soft Skills
- Excellent written and verbal communication skills.
- Strong leadership and collaboration abilities.
- Ability to convey highly technical concepts to non-technical audiences.
- Self-driven with a passion for cybersecurity innovation.
Preferred Qualifications
- Bachelor’s or Master’s in Cybersecurity, Computer Science, or related field.
- 5+ years of experience in network security or cyber defense roles.
- Certifications such as:
- ExtraHop Certified Professional
- CISSP, GSE
- CEH
- CCNP Security or equivalent
- Experience with threat hunting, APT detection, and forensic analysis.
- Familiarity with federal compliance frameworks and auditing.
Tools & Technologies
- NDR: ExtraHop Reveal(x), Darktrace, Vectra Cognito
- Network Analysis: Wireshark, tcpdump, NetFlow
- SIEM: Splunk, QRadar, LogRhythm
- SOAR: XSOAR, Swimlane, Phantom
- Firewalls/IDS/IPS, EDR tools, Cloud Security, VMware, Docker, Kubernetes
About Seneca Resources: At Seneca Resources, we are more than a staffing and consulting firm—we are a trusted career partner. With nationwide offices and clients ranging from Fortune 500 organizations to federal agencies, we connect talented professionals with meaningful opportunities that drive impact and career growth.
When you join Seneca, you gain a team that invests in your success, advocates for your goals, and provides:
- Competitive compensation
- Comprehensive medical, dental, and vision benefits
- 401(k) retirement plans
- Dedicated recruiter support throughout your engagement
Seneca Resources is an Equal Opportunity Employer committed to building a diverse, inclusive workplace. We encourage all qualified candidates to apply.
