Detection Engineer

Nelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer, professional services company, consumer loan originator and servicer, payments processor, renewable energy solutions, and K-12 and higher education expert. For over 40 years, Nelnet has been serving its customers, associates, and communities.

This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete the United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. Considering this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions.

• Is a self-starter and can consistently produce outstanding results with minimal supervision.

• Has exceptional troubleshooting skills and is extremely detail oriented.

• Monitors and works with logs in SIEM tools and other log aggregators such as Google Observability.

• Builds and maintains Cloud infrastructure on platforms such as AWS, Azure, and Google Cloud.

• Verifies if threat findings are actual threats or false positives.

• Sets up logging sources, data routes, and data transformations inside of Cribl.

• Participates in department-wide change control and IT governance processes, on behalf of the Nelnet Cyber Security Group (CSG).

• Stays up to date on the latest global threat landscape and threat intelligence.

• Responds to audit findings and creating/maintains evidence documentation.

• Develops and maintains documentation for security related systems.

Pay Range for this role is - $100,000 - $110,000 depending on experience

• Bachelor’s degree in cybersecurity, computer science, systems administration, information systems, or related areas.

• Related work experience and certifications may be substituted for this requirement.

• Minimum experience of four years in implementing and supporting cybersecurity technologies, such as:

• SIEM

• SOAR

• Database Monitoring

• Threat detection mechanisms

• Alarming mechanisms

• Operational logging and alerting for business applications

• Ability to work with a remote team via collaboration tools (Microsoft Teams, E-Mail, and Video Conferences).

• Experience with Power Shell, Python, BASH, Chef or Ansible a plus.

• Any relevant Cybersecurity certifications, such as:
  Security+, SSCP, CISSP, GSEC, GCIA, GMON, GCDA.

• IT certification system administration and log management tools is a plus.

• Enterprise level experience with:

• SIEM Products

• Google Sec Ops

• Google Cloud Observability

• Splunk

• Logging and Monitoring Products

• Cribl

• Bindplane

• Datadog

• Sysmon

• Syslog

• Windows Event logs

• Linux Redhat

• Atlassian products Jira and Confluence

• Service Now, preferably including SNOW security related modules (VR, GRC, etc.)

Please note that we are unable to provide visa sponsorship for this position. To be considered, candidates must already be authorized to work in the United States without the need for current or future sponsorship.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program.  to learn more about our benefits: LINK ().

Nelnet is committed to providing a welcoming and respectful workplace where all associates have the opportunity to succeed. As an Equal Opportunity Employer, we ensure that all qualified applicants are considered for…