Sr. Security Operations Center (SOC) Analyst

Company: Nelnet

Nelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer, professional services company, consumer loan originator and servicer, payments processor, renewable energy solutions, and K-12 and higher education expert. For over 40 years, Nelnet has been serving its customers, associates, and communities.

The Senior Security Operations Center (SOC) Analyst will perform tasks including monitoring, investigation, and triage of cybersecurity events that occur on the network or endpoint, with a focus on determining whether those events constitute security incidents. The analyst will participate in incident response and act as a consultant in security projects. This is a Senior role and candidates MUST have experience in an enterprise SOC using SIEM / SOAR / XDR platforms. The Senior Security Operations Center (SOC) Analyst will be a security consultant to multiple Nelnet business lines.

This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. In light of this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions.

Responsibilities:

- Monitor and investigate security alerts from the SIEM, SOAR, IPS/IDS, Firewall, EDR/XDR, and other systems.
- Demonstrate an intermediate to advanced level of understanding of numerous security products and processes.
- Responsible for ongoing review of security use case correlation searches to provide actionable alerts.
- Understand the policy, standards, and procedures found in the Nelnet enterprise as well as understanding appropriate laws and regulations for the business.
- Be a trusted security advisor to other departments and lines of business.
- Responsible for assisting Cybersecurity Incident Response including the detection, documentation, containment, and eradication of real-time threats.
- Complete routine preventative measures and maintain/monitor network security.
- Respond to log and security inquiries from business partners and various audit requests.
- Create and update cyber security runbooks.

Pay Range: $80,000 - $125,000 depending on experience

Qualifications:

EDUCATION:

- 4-year degree in a cyber security/information technology related field OR information security equivalent in certifications and/or experience.
- GIAC GSEC or GMON, BTL1, PCRP, CISSP, CompTIA Security are desired certifications.

EXPERIENCE:

- 1-3 years in a Security Operation Center (SOC) environment.
- Must have security information and event management (SIEM) competency.
- Knowledge of networking architectures and protocols.
- Previous cybersecurity investigation experience.
- Experience writing or updating security playbooks.

COMPETENCIES – SKILLS/KNOWLEDGE/ABILITIES:

- Knowledge of SIEM / SOAR technologies including but not limited to any of the following: Splunk Enterprise Security, Splunk SOAR, Siemplify, Google Chronicle a.k.a. Google SecOps, Devo, IBM Qradar, Palo Alto Cortex XSOAR, etc.
- Experience with Cyber Incident Response is desired.
- AWS experience is desired.
- Experience with IDS/IPS systems is desired.
- Experience with EDR/XDR solutions is required (Crowdstrike, SentinelOne, MS Defender, Palo Cortex, etc.).
- Automation experience desired: PowerShell, Python, etc.
- Excellent coordination, documentation, and organizational skills.
- Familiarity with the MITRE ATT&CK Framework.
- Naturally curious – puzzle/problem solver.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program.

Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruitingnelnet.net.

Nelnet is a Drug Free and Tobacco Free Workplace.