Cybersecurity Compliance Analyst II - Cybersecurity Process Optimization & Access Review Lead

Location:
5501 Headquarters Dr, Plano, Texas, 75024, United States

Cybersecurity Compliance Analyst II - Cybersecurity Process Optimization & Access Review Lead  

(Plano Texas In-Office) 

 
 

ABOUT UPBOUND 

Upbound Group, Inc. (effective February 27, 2023: NASDAQ: UPBD) is an omni-channel platform company committed to elevating financial opportunity for all through innovative, inclusive, and technology-driven financial solutions that address the evolving needs and aspirations of consumers. The Company’s customer-facing operating units include industry-leading brands such as Rent-A-Center and Acima that facilitate consumer transactions across a wide range of store-based and digital retail channels, including over 2,400 company branded retail units across the United States, Mexico and Puerto Rico. Upbound Group, Inc. is headquartered in Plano, Texas. Acima is headquartered in Draper Utah 

 

JOB RESPONSIBILITIES:   
The Cybersecurity Compliance Analyst-Process Optimization & Access Review Lead's primary responsibility is ensuring User Access Reviews (UAR) for all of our key and regulated systems are performed timely and accurately. As part of this role, you will work with our System Owners and our GRC Program Management Lead to ensure you have the data you need from our critical systems. You will participate in product development requirements to ensure the data you receive is accurate, complete, and optimized to process UARs. You will work with System Owners, managers, and leadership to obtain approvals for individuals with access to critical systems. You will collaborate with technologists to keep up with the changes in our technology landscape, and you will design and adapt UARs to accommodate our new and changing technologies. You will be a valued member of the Upbound Group Cybersecurity Governance, Risk, and Compliance (GRC) team and will work directly with technologists and leadership for all Upbound brands.  
 
JOB REQUIREMENTS 

  

  • Responsible for overseeing and facilitating User Access Reviews 
  • Design and Standardize UAR Templates & Processes 
  • Utilize AI, Power Automate and other cloud technologies to modernize the UAR process 
  • Adapt to changes within our technology and compliance landscape 
  • Obtain user data from system owners 
  • Obtain appropriate approvals for all users with access 
  • Archive all evidence, approvals, and working documents  
  • Submit all evidence to Internal Audit before the end of each quarter 
  • Must be able to apply cloud technologies to a data driven process 
  • Partner with System Owners and our GRC Program Management Lead to ensure you have the data you need from our critical systems 
  • Work systematically to complete all UARs within each quarter 
  • Provides support to Internal and External Auditors 
  • Collects audit evidence for internal or external auditors 
  • Tracks work and obtains approvals within our GRC tools.  
  • Supports GRC Team by contributing to the end-of-year audit 
  • Identifies problems and professionally presents findings 
  • Provides visibility into current compliance status through timely tracking, trending, and escalation of issues. 
  • Ability to translate Enterprise-level policies and how they would be applied at the technology and process level 
  • Establishes and meets deadlines to ensure adherence to rules and regulations. 
  • Works effectively as a member of the GRC Team 
  • 5+ years of relevant experience in audit, compliance programs, or as a technologist 
  • 2+ years of maintaining or monitoring cybersecurity controls 
  • General understanding of business processes and how to apply regulatory compliance requirements 
  • Strong communication skills with proven ability to drive solutions across all organizational levels 
  • Certified Information Systems Auditor (CISA) preferred 
  • Certified in Risk and Information Systems Control (CRISC) preferred 
  • 5+ years of experience with any compliance framework such as ISO, SOX, SOC, PCI, etc. 

 

BENEFITS/COMPENSATION 

  • DTO (discretionary time off) 
  • Medical insurance with Blue Cross Blue Shield  
  • Health Savings Account (HSA) with company contribution 
  • Dental insurance (Cigna) and Vision insurance (United Healthcare) 
  • Paid holidays 
  • 401K match, 6%/3% 
  • College tuition reimbursement program (STEAM (Science, Technology, Engineering, Accounting, and Math)