Upbound Group

Cyber Security Analyst

JOB PURPOSE:

As a Cyber Security Analyst at Upbound, your primary responsibility is to deliver advanced technical analysis, guidance, and mitigation strategies for logical security threats impacting our infrastructure and data security. This role requires collaboration with various teams to conduct evidence-based reviews, collecting and correlating system logs, events, and processes to identify risks, threats, and indicators of compromise (IOC). Applying a defense-in-depth methodology, your goal is to protect sensitive customer and coworker data, providing threat intelligence, vulnerability remediation, and logical security measures to prevent business interruptions in a dynamic retail environment.

KEY RESPONSIBILITIES:

• Collaborate with managed service providers, security tool vendors, and cross-functional teams to identify and mitigate threats, ensuring business continuity.
• Analyze access, network, and system logs in a hybrid-cloud environment to detect inappropriate or unauthorized access.
• Respond promptly to security events, conducting thorough post-event analysis and interfacing with auditors for compliance assurance.
• Identify and address root causes of security violations, documenting corrective actions to enhance application, data, and infrastructure security.
• Create incident analysis reports including detailed forensic results, technical diagrams, and executive summary.
• Provide technical guidance and recommendations to co-workers about the risks and control measures associated with new and emerging information system technologies.
• Track, analyze and mitigate cyber threats, phishing, and social engineering other security related threats.
• Assist in the preparation and periodic update of information security policies, architectures, standards, and other technical requirements documents needed to enhance security.

JOB REQUIREMENTS:

• 3 or more years of Security information and event management correlation (SIEM) experience.
• 3 or more years of information security tools administration or cyber threat research/analysis experience
• 2 or more years of hands-on Cloud security experience (AWS – Azure) and security related tools.
• 2 or more years of hands-on experience with the following network protocols and technologies (e.g., TCP/IP, UDP, IPSEC, DNS, HTTP, HTTPS)
• 2 or more years of hands-on experience with the following security tools and technologies
• Identify indicators of compromise for Malware, Ransom and MITRE attacks
• Endpoint protection
• Log Collection
• SIEM
• Vulnerability management platforms
• Threat Intelligence
• Incident response procedures
• Auditing and forensics analysis tools
• Basic understanding of security frameworks, compensating controls, strategies, documentation and methodologies for mitigating cyber threats
• Experience with change management and related ticketing systems
• Demonstrated ability to create technical documentation utilizing facts, detailed technical analysis and investigation techniques.
• Must have the ability to effectively communicate in both written and verbally with stakeholders, team members and executive management in a clear and concise manner.
• Ability to work in office 5 days a week (M-F)

PREFERENCE:

• Basic functional knowledge of Sarbanes-Oxley (SOX) and Payment Card Industry Data Security Standards (PCI-DSS) in order to monitor and enforce related controls.
• Relevant technical security certifications (example: Security+, CEH, AWS Security).
• Functional knowledge working with some or all of the following:
• Microsoft Enterprise Security Platforms
• Web Application Firewalls (WAFs)
• Identity and access technology providers
• Multi-Factor authentication technologies and platforms
• E-Discovery/Digital forensics / Chain of custody (Legal collection of evidence)
• Security Controls for Posture management Cloud Environments
• SOAR
• Cloud security best practices
• NIST Security Framework
• Experience utilizing a risk management platform / register.
• Intermediate to Advanced Knowledge of Microsoft PowerShell
• Experience in managing web application security.
• Prior Security Operations Center (SOC) or Network Operations Center (NOC) experience
• Experience in cyber security incident response. 

#LI-JD1