• IT Infrastructure Engineer- Cloud

    Job Locations US-NE-Lincoln | US-WI-Madison | US-CO-Highlands Ranch
    Posted Date 4 months ago(7/1/2019 5:29 PM)
    Job ID
    # of Openings
    Information Technology
  • Overview

    Responsible for the design and execution of security solutions based on corporate security policies, audit requirements, and best practices.  They collaborate primarily with the Corporate Security Group to receive guidance and provide recommendations.  Additionally, they work with the enterprise architect team, infrastructure admin teams, and risk management teams to implement technologies and automation that will enforce and govern the security requirements of Nelnet systems.  When implementing solutions they collaborate with leadership, cloud engineers, and infrastructure engineers to build, maintain, and evaluate.


    This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. In light of this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions.



    Bachelor's degree in Information Science or related field and/or equivalent combination of education and experience.



    • Excellent verbal and written communication skills
    • Ability to operate at strategic and tactical levels
    • Prior experience in financial services industry is a plus
    • Must have deep understanding of core security principles and security best practices of user identity and access management.
      • Have deep understanding of how to do these things in the following: AWS Cloud, Azure, and Active Directory.
      • Expected to evaluate and learn new features and changes to services such as AWS Identity and Access Management (IAM), Amazon Virtual Private Cloud (Amazon VPC), AWS Config, AWS CloudTrail, AWS Key Management Service (AWS KMS), AWS CloudHSM, and AWS Trusted Advisor.
    • Must understand smart card authentication principles.
    • Deep understanding of PKI, certificate, and general encryption mechanisms and applications.
    • Must have the aptitude to review current processes and determine how to implement better security controls and governance via automation, scripting, using highly repeatable, programmatic design.
    • Prior experience working with Perl, Bash, Python, XML, REST API, and JSON is desired
    • Understand how to use logging to manage and govern a security model.
      • Knowledge of Splunk or Elasticsearch is a bonus
    • Demonstrated ability to identify and learn new services, tools, or scripting languages to help automate, monitor, and manage security operations on AWS, Azure, or Active Directory.
    • Understanding of security incident response procedures.
    • Understand the AWS shared security responsibility model
    • IT Security certifications required: CISSP or GIAC equivalent
    • AWS certifications desired: AWS Solution Architect, AWS Certified Security - Specialty

    EEO Statement

    Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance. Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Nelnet Talent Acquisition & Recruiting.
    Nelnet is a Drug Free and Tobacco Free Workplace.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed