What does a successful Senior Cyber Network Engineer – NDR do at Fiserv?
You will lead the planning, implementation, and continuous improvement of Network Detection and Response (NDR) capabilities across Fiserv’s global infrastructure. You will be responsible for engineering and managing advanced network threat detection platforms, integrating telemetry sources, and enabling proactive threat hunting. This role requires close collaboration with Cyber Architecture, CSIRT, Cloud Security, and Platform Engineering teams to deliver secure, scalable, and resilient network observability solutions. Reporting to the VP of Network Security, you will play a critical role in defending Fiserv’s digital assets against evolving network-based threats.
What you will do:
- Engineer, deploy, and maintain NDR platforms, primarily ExtraHop Reveal(x), including directing sensor placement, data ingestion, dashboard development, and alert tuning.
- Integrate ExtraHop telemetry with SIEM and SOAR platforms to enhance threat correlation and automated response workflows.
- Lead network-based threat detection initiatives, including behavioral analytics, lateral movement detection, and encrypted traffic analysis.
- Collaborate with CSIRT to develop and refine detection logic, playbooks, and incident response procedures based on NDR insights.
- Develop automation scripts (Python, PowerShell, Perl) to streamline deployment, enrichment, and monitoring of NDR and network security tools.
- Conduct network surveys and planning for sensor coverage, traffic visibility, and onboarding of new or acquired business units.
- Define and report KPIs to monitor compliance, performance, and effectiveness of NDR controls and threat detection capabilities.
- Respond to RFIs, internal audits, and regulatory requests with detailed documentation and analysis of network observability and NDR posture.
- Support disaster recovery planning, risk management, and internal control processes.
- Mentor and manage engineering resources supporting the NDR function and broader network security initiatives.
What you will need to have:
- 10+ years in Information Security, preferably within financial or regulated industries.
- 8+ years in cybersecurity trends, threat detection, and infrastructure protection.
- 5+ years of hands-on experience with NDR platforms and network-based threat detection methodologies.
- 3+ years of direct experience with ExtraHop Reveal(x) or similar NDR platforms.
- 8+ years in large-scale corporate network environments.
- 5+ years in network security technologies (Firewalls, NGFWs, IDS/IPS, proxies).
- 3+ years in cloud platforms (AWS, Azure) and hybrid infrastructure.
- Strong scripting ability (Python, PowerShell, Perl) for automation and data enrichment.
- Working knowledge of Linux/Unix administration, SSL certificate management, and DNS.
- Bachelor’s degree in a relevant field or equivalent combination of training and experience.
What would be great to have:
- Network and Security Certifications (e.g., CCNP, CISSP, CEH).
- Hands-on experience with NDR platforms such as ExtraHop RevealX, Arista NDR, Darktrace, or Vectra AI.
Important info about this role:
- We’re better together! This role is fully on-site.
- This is a full-time, direct-hire position, and no contract options or unsolicited agency submissions will be considered.
- You must currently possess valid and unrestricted U.S. work authorization to be considered for this role. Individuals with temporary visas including, but not limited to, F-1 (OPT, CPT, STEM), H-1B, H-2, or TN, or any candidate requiring sponsorship, now or in the future, will not be considered for this role.
R-10356136