Kansas Works Veterans Jobs

Kansas Works Logo

Job Information

Nelnet Cyber Threat Intelligence Analyst in Topeka, Kansas

Nelnet is a diversified and innovative company committed to enriching lives through the power of service as a student loan servicer, professional services company, consumer loan originator and servicer, payments processor, and K-12 and higher education expert. For over 40 years, Nelnet has been serving its customers, associates, and communities.

The perks of working at Nelnet go beyond our benefits package. When you join the Nelnet team, you're part of a community invested in the success of each individual. That support comes through in our work, as we are united by our mission of creating opportunities for people where they live, learn, and work.

The Cyber Threat Intelligence Analyst role supports Nelnet’s cybersecurity operations and objectives. Identifying trends and immerging threats is a critical role within Nelnet’s security posture to protect the organization and its many customers. This role will also work closely with our various business lines and our IT shared services team to help determine, implement, and define security measures and processes needed to adequately protect our organization. Threat Intelligence collection, analysis, and dissemination of finished products to Nelnet’s various business lines, security operations teams, information technology teams, enterprise risk management teams, and overall executive decision makers. The Cybersecurity Threat Intel Analyst also coordinates with external peer groups and information security circles over cyber threats and on the development of global cyber policy to address events ranging from intrusions, malware, ransomware, DDoS, unauthorized access, insider threat attacks, and data loss protection. You will also need to understand the policy, standards, and procedures found in the Nelnet enterprise as well as understanding appropriate laws and regulations that our business.

This position requires work in support of the Company’s contract with the United States Department of Education (“ED”). As such, the United States Government requires that any applicant for this position must complete United States Government security clearance. Effective June 1, 2018, ED has informed Nelnet that security clearance applications for foreign nationals are not being accepted or processed. In light of this direction from ED, Nelnet will be unable to hire applicants without United States citizenship for such positions.

Colorado Candidates; Pay range for this role is $75,000-$150,000


• Communicate OSINT news and trends with the Security Operations Center (SOC) during regular meetings.

• Identify relevant and actionable cyber threats, trends, and new developments in the threat landscape through analysis of OSINT, news articles, industry blogs/reports

• Collect, analyze, catalog, and assist in the deployment of indicators of compromise (IOCs) in partnership with the Security Operations Center (SOC) to help refine detection and response efforts.

• Develop and hold regional expertise on cyber network operations, emerging cyber threats and trends, and the evolving policy and regulatory framework related to cyber security

• Perform technical research into current cyber network operations and emerging technologies and techniques to identify threats in various vendors supported by Nelnet.

• Manage enterprise-wide communications about new CVEs impacting Nelnet.

• Communicate with vulnerability operations and various business lines about the remediation steps taken for new CVEs

• Process Improvement of Cyber Threat Intelligence.

• Using threat intelligence platform to conduct reviews of threats and other business reviews.


-Undergraduate degree or military training and experience in cyber intelligence, general intelligence studies, security studies, political science, international relations, etc. Additional equivalent experience above the required minimum may substitute for the required level of education.

-Other technical security certifications are a plus. (CompTIA Security+ or CySA+, GIAC – GCTI, GSEC or GCIH, CRTIA-CREST, C|TIA, ISC2- CISSP)


-Minimum of two years of experience in a position that required producing cyber threat intelligence, tracking cyber threats and/or incident response, with a focus on leveraging intelligence on attacker tactics, techniques, and procedures (TTP).

-The applicant should have a minimum of 2 years of professional writing of threat intelligence briefs.


• 2+ years of professional experience in producing threat intelligence, tracking cyber threats and/or incident response.

• Possession of excellent oral and written communication skills

• Self-editing skills are essential

• A consistent self-starter with applied experience in intelligence report writing and analysis, creating finished intelligence products on threat actors, targeting campaigns, and geopolitical events.

• Ability to communicate intelligence and analysis of cyber threats in various forms (written production; briefings) for a senior-level audience

• Basic knowledge of TCP/IP and other networking protocols

• Functional knowledge of the MITRE ATT&CK Framework

• Excellent communication skills with an eye for detail and the ability to articulate business needs in cross-group and partner scenarios.

• Professional experience with Threat Intel Platform (TIP) such as ThreatConnect, Anomali, XSOAR TIM, Falcon X, Recorded Future or INTSIGHTS

• Must be able to obtain 6C Clearance

Bonus Points

• Programming experience (Python, Yara, Java, Powershell etc.)

• Experience with Security Information and Event Management (SIEM) LogRhythm, QRadar, Splunk, Elasticsearch etc.

• GeoPolitical region of comprehensive knowledge.

Our benefits package includes medical, dental, vision, HSA and FSA, generous earned time off, 401K/student loan repayment, life insurance & AD&D insurance, employee assistance program, employee stock purchase program, tuition reimbursement, performance-based incentive pay, short- and long-term disability, and a robust wellness program. Click here to learn more about our benefits: LINK (http://nelnetinc.com/careers/benefits/) .

Nelnet is an Equal Opportunity Employer, complies with Executive Order 11246, and takes affirmative action to ensure that qualified applicants are employed, and that employees are treated during employment, without regard to race, color, religion/creed, national origin, gender, or sex, marital status, age, disability, use of a guide dog or service animal, sexual orientation, military/veteran status, or any other status protected by Federal or State law or local ordinance.

Qualified individuals with disabilities who require reasonable accommodations in order to apply or compete for positions at Nelnet may request such accommodations by contacting Corporate Recruiting at 402-486-5725 or corporaterecruiting@nelnet.net .

Nelnet is a Drug Free and Tobacco Free Workplace.