Nelnet’s Cybersecurity Log Operations Engineers operate as a shared service across multiple business lines representing a hybridized attack surface covering on premise and cloud-based elements. It is imperative that our engineers understand the business needs and be able to coordinate those with the organization’s security and operational goals. This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete the United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. Considering this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions. JOB RESPONSIBILITIES: • Is a self-starter and can consistently produce outstanding results with minimal supervision. • Has exceptional troubleshooting skills and is extremely detail oriented. • Monitors and works with logs in SIEM tools and other log aggregators such as Google Observability. • Builds and maintains Cloud infrastructure on platforms such as AWS, Azure, and Google Cloud. • Verifies if threat findings are actual threats or false positives. • Sets up logging sources, data routes, and data transformations inside of Cribl. • Participates in department-wide change control and IT governance processes, on behalf of the Nelnet Cyber Security Group (CSG). • Stays up to date on the latest global threat landscape and threat intelligence. • Responds to audit findings and creating/maintains evidence documentation. • Develops and maintains documentation for security related systems. **Pay Range for this role is - $100,000 - $110,000 depending on experience Required Qualifications: • Bachelor’s degree in cybersecurity, computer science, systems administration, information systems, or related areas. • Related work experience and certifications may be substituted for this requirement. • Minimum experience of four years in implementing and supporting cybersecurity technologies, such as: • SIEM • SOAR • Database Monitoring • Threat detection mechanisms • Alarming mechanisms • Operational logging and alerting for business applications • Ability to work with a remote team via collaboration tools (Microsoft Teams, E-Mail, and Video Conferences). • Experience with PowerShell, Python, BASH, Chef or Ansible a plus. Desired Qualifications: • Any relevant Cybersecurity certifications, such as: Security+, SSCP, CISSP, GSEC, GCIA, GMON, GCDA. • IT certification system administration and log management tools is a plus. • Enterprise level experience with: • SIEM Products • Google SecOps • Google Cloud Observability • Splunk • Logging and Monitoring Products • Cribl • Bindplane • Datadog • Sysmon • Syslog • Windows Event logs • Linux Redhat • Atlassian products Jira and Confluence • ServiceNow, preferably including SNOW security related modules (VR, GRC, etc.) Please note that we are unable to provide visa sponsorship for this position. To be considered, candidates must already be authorized to work in the United States without the need for current or future sponsorship Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: .