A CyberSecurity Cloud Engineer specializes in providing security for cloud-based digital platforms and plays an integral role in protecting an organization's data. This may involve analyzing existing cloud structures and creating new and enhanced security methods. They serve as part of a larger team dedicated to enterprise security. CyberSecurity Cloud Engineers work full-time in an office environment, with an occasional need to respond to after-hours emergencies.
Responsible for the design and execution of security solutions based on enterprise security policies, audit requirements, and best practices. They collaborate primarily with the CyberSecurity Group to receive guidance and provide recommendations. Additionally, they work with the enterprise architect team, infrastructure admin teams, and risk management teams to implement technologies and automation that will enforce and govern the security requirements of Nelnet systems. When implementing solutions they collaborate with leadership, cloud engineers, and infrastructure engineers to build, maintain, and evaluate.
This position requires work in support of the Company's contract with the United States Department of Education (“ED“). As such, the United States Government requires that any applicant for this position must complete United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. In light of this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions.
Job responsibilities include securing cloud-based programs, performing threat simulations to detect possible risks, and providing security recommendations on topics like microserve design or application development. Cloud security engineers may instruct other teams on proper coding methods. They may also investigate, create, and recommend innovative technologies or other methods that will enhance the security of cloud-based environments.
Bachelor's degree in Computer Science or related field and/or equivalent combination of education and experience.
COMPETENCIES – SKILLS/KNOWLEDGE/ABILITIES:
CyberSecurity Cloud Engineers need strong technical skills, which may include experience with Linux and Windows operating systems, scripting languages like Python, and cloud provider ecosystems like Amazon AWS. They should have excellent attention to detail, as they must constantly monitor systems to ensure there are no external threats. Excellent oral and written communication skills will be essential when interacting with team members. CyberSecurity Cloud Engineers must have initiative and serve as a project leader when needed. They should also have ingenuity and strong problem-solving skills in order to swiftly and creatively deal with threats or flaws in networks.
- Ability to operate at strategic and tactical levels
- Prior experience in financial services industry is a plus
- Must have deep understanding of core security principles and security best practices of user identity and access management.
- Have deep understanding of how to do these things in the following: AWS Cloud, Azure, and Active Directory.
- Expected to evaluate and learn new features and changes to services such as AWS Identity and Access Management (IAM), Amazon Virtual Private Cloud (Amazon VPC), AWS Config, AWS CloudTrail, AWS Key Management Service (AWS KMS), AWS CloudHSM, and AWS Trusted Advisor.
- Must understand smart card authentication principles.
- Deep understanding of PKI, certificate, and general encryption mechanisms and applications.
- Must have the aptitude to review current processes and determine how to implement better security controls and governance via automation, scripting, using highly repeatable, programmatic design.
- Prior experience working with Perl, Bash, Python, XML, REST API, and JSON is desired
- Understand how to use logging to manage and govern a security model.
- Knowledge of Splunk or Elasticsearch is a bonus
- Demonstrated ability to identify and learn new services, tools, or scripting languages to help automate, monitor, and manage security operations on AWS, Azure, or Active Directory.
- Understanding of security incident response procedures.
- Understand the AWS shared security responsibility model
- IT Security certifications required: CISSP or GIAC equivalent
- AWS certifications desired: AWS Solution Architect, AWS Certified Security - Specialty
Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance. Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Nelnet Talent Acquisition & Recruiting. Nelnet is a Drug Free and Tobacco Free Workplace