Senior NDR & Platform Observability Engineer

Senior NDR & Platform Observability Engineer Location:

Minneapolis, MN / Hartford, CT Role Summary We are hiring a Senior Engineer to own the health, monitoring, automation, and reliability of the enterprise Network Detection & Response (NDR) ecosystem, with strong focus on Corelight, Zeek pipelines, and observability platforms . You will work closely with Security Operations, Incident Response, and Network Engineering teams to improve detection quality, reduce alert noise, and ensure continuous NDR coverage. Key Responsibilities Operate and maintain NDR sensors, Zeek pipelines, and telemetry ingestion Monitor sensor uptime, packet throughput, ingest health, and drop rates Triage NDR alerts and support SOC/IR investigations Tune Zeek scripts, Suricata rules, Corelight detection packs Troubleshoot

SPAN/TAP

feeds and packet broker visibility Design and build enterprise observability stack Develop Python-based metrics collectors & automation Build dashboards & alerts using: Grafana Prometheus InfluxDB Telegraf Define SLIs/SLOs for platform reliability & data freshness Create runbooks, documentation, and operational reports Required Skills & Technologies 5+ years in NDR, Security Operations, Network Engineering, or Observability Hands-on with Corelight, Zeek, Suricata, Endace, or cPacket Strong Python scripting & REST API integrations Experience with Grafana, Prometheus, InfluxDB, Telegraf Solid knowledge of network traffic, packet capture, and troubleshooting Experience building monitoring dashboards, alerts, and metrics pipelines Experience supporting SOC / Incident Response teams Preferred Skills Custom Prometheus exporters (Python/Go) Corelight APIs & Zeek customization Docker / Kubernetes SIEM integrations Exposure to Kafka, Elasticsearch, Loki Knowledge of

MITRE ATT&CK AI

Tool Expectations Regular use of GitHub Copilot, Microsoft 365 Copilot, and enterprise GenAI tools Apply AI to improve coding, documentation, automation, and analytics workflows