Cyber Security Analyst III

Location:
5501 Headquarters Dr, Plano, Texas, 75024, United States

Cyber Security Analyst III

 (Plano, Texas-In-Office)

 

Job Purpose:

As a Cybersecurity Analyst III at Upbound, you will play a critical role in protecting sensitive customer and company data by proactively identifying and mitigating cyber threats across our hybrid-cloud infrastructure. Leveraging a defense-in-depth strategy, you will provide expert analysis, incident response leadership, threat intelligence integration, and technical guidance to safeguard our digital assets and ensure business continuity in a dynamic retail environment.

This role requires collaboration across teams and vendors to conduct evidence-based investigations, analyze system activity, and deliver mitigation strategies aligned with best practices and business objectives.

 

Upbound Group, Inc. (NASDAQ: UPBD) is a technology and data-driven leader in accessible and inclusive financial solutions that address the evolving needs and aspirations of underserved customers. The Company’s customer-facing operating units include industry-leading brands such as Acima, Brigit, and Rent-A-Center that facilitate consumer transactions across a wide range of store-based and digital channels, including over 2,300 company branded retail units across the United States, Mexico, and Puerto Rico.

 

Upbound Group, Inc. is headquartered in Plano, Texas.

 

Key Responsibilities:

  • Lead or support incident detection, triage, containment, and post-incident review activities across cloud and on-prem environments.
  • Collaborate with managed service providers, security vendors, and cross-functional teams to reduce risk and enhance threat detection.
  • Monitor, analyze, and correlate access, system, and network logs using SIEM and endpoint detection platforms.
  • Conduct forensic analysis and root cause investigations; create incident reports with technical findings, attack timelines, and executive-ready summaries and visuals.
  • Track and mitigate phishing campaigns, social engineering attempts, and emerging threats.
  • Provide technical guidance to stakeholders on secure architecture and threat mitigation strategies.
  • Develop and maintain security documentation, including policies, control procedures, standards, and runbooks.
  • Interface with internal auditors to demonstrate control effectiveness related to regulatory frameworks (e.g., SOX, PCI-DSS).
  • Contribute to threat intelligence operations by identifying IOCs, TTPs, and sharing relevant insights with teams.
  • Stay current on vulnerability disclosures (e.g., CISA KEV, CVEs) and recommend appropriate remediation actions.

Required Qualifications:

Security Monitoring & Analysis

  • 3+ years of hands-on experience with SIEM platforms and log analysis.
  • Experience identifying indicators of compromise (IOCs) related to malware, ransomware, and MITRE ATT&CK techniques.

Cloud Security

  • 2+ years of experience securing AWS and/or Azure environments.
  • Familiarity with cloud-native security tools and posture management platforms.

Network Protocols & Infrastructure

  • 2+ years of experience with core protocols (TCP/IP, DNS, HTTP/S, IPSEC, etc.).
  • Experience with endpoint protection, network monitoring, and log collection tools.

Security Tooling & Platforms

 

Experience with:

    • SIEM
    • Vulnerability management platforms
    • Threat intelligence feeds/integrations
    • Incident response platforms
    • Auditing and forensic toolkits
    • Identity and Access Management (IAM)

Communication & Documentation

  • Demonstrated ability to create high-quality technical documentation, forensic reports, and executive-level summaries.
  • Strong verbal and written communication skills, able to engage both technical and non-technical stakeholders.

 Preferred Qualifications:

  • Familiarity with Sarbanes-Oxley (SOX) and PCI-DSS compliance controls.
  • Relevant certifications such as Security+, CEH, AWS Security, or equivalent.
  • Prior experience in a Security Operations Center (SOC) or Network Operations Center (NOC).

Exposure to:

    • Microsoft Enterprise Security platforms
    • Web Application Firewalls (WAFs)
    • E-Discovery & chain-of-custody principles
    • SOAR solutions
    • Microsoft PowerShell scripting for automation
    • Web application security tools and best practices
    • Security Controls for posture management in cloud environments
    • NIST Cybersecurity Framework
    • Risk register and governance tools

 Additional Information:

  • This position requires onsite presence five days a week (M–F).
  • Candidates must be authorized to work in the U.S. without sponsorship.

 COMPENSATION/BENEFITS

  • Competitive Compensation
  • Full health benefits, Medical/Dental/Vision
  • 401(k) match, 6%/3%
  • DTO (discretionary time off)
  • Health savings account (HSA) with company contribution
  • Unlimited use of Linkedin learning
  • College tuition reimbursement program

Why Join Upbound?

At Upbound, we’re committed to securing a dynamic, customer-centric retail environment through cutting-edge technologies, proactive threat management, and a collaborative team culture. You'll be joining a growing InfoSec team where your input directly contributes to maturing our security posture and protecting what matters most.