Upbound Group

Upbound Group, Inc. (NASDAQ: UPBD) is a technology and data-driven leader in accessible and inclusive financial solutions that address the evolving needs and aspirations of underserved customers. The Company’s customer-facing operating units include industry-leading brands such as Acima, Brigit, and Rent-A-Center that facilitate consumer transactions across a wide range of store-based and digital channels, including over 2,300 company branded retail units across the United States, Mexico, and Puerto Rico.

Upbound Group, Inc. is headquartered in Plano, Texas.

 Senior Security Engineer – Onsite (Plano, TX)

This Senior security Engineer plays a key role in Rent-A-Center’s Identity portfolio across hybrid on-premises, multi-cloud and SaaS ecosystems. This role will be a senior engineer responsible for management of identities, authorization, and authentication services for Employees, contractors, partners, and customers along with Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) solutions. The incumbent is a passionate individual who is self-driven with an ability to translate complex requirements into working solutions with a security driven mindset.

JOB RESPONSIBILITIES: 

• Work with a high level of independence to ensure that all on-premises and Cloud systems, applications, endpoints, and networks have appropriate and adequate security controls in place protecting Upbound data.
• Provide leadership and security expertise to project design, development, testing, and deployment teams to ensure that all applications meet security requirements and are coded in a secure manner.
• Design, develop, enhance, integration of Identity and Access Management solutions related to authentication, authorization, SSO, Directory services utilizing security protocols like SAML, OpenID and OAuth etc.
• Plan, design and implement multi-factor authentication at an enterprise level across various applications
• Design, configure, troubleshoot, and support PAM initiatives and solutions
• Implement PAM platform customizations, enhancements, and modifications
• Collaborate with various IT and business teams both internal and external to integrate applications for Single Sign-on, Identity federations and Multi-Factor Authentication (MFA)
• Develop and implement Role Based Access Control Workflows
• Have a keen eye for continuous improvement, automation to increase overall operational efficiency
• Automate, code or script (Bash, PowerShell, RegEx and Python) as well as write SQL to query databases, when and where needed
• Thoroughly understand Upbound’s Information security policies and procedures and exercise best practices when implementing solutions
• Serve as a subject matter expertise (SME) on IAM, PAM and MFA solutions
• Provide Level of effort estimates and efforts for implementation, testing a solution
• Ability to drive complex security projects involving various lines of businesses, work in a high-pressure environment
• Document procedures and new enhancements
• Coach other team members as necessary
• Able to attain support and compliance with cyber security requirements & standards.
• Research, recommend, and evaluate commercial information security products and services to determine which should be adopted by Upbound.
• Support Cyber Security Architecture in design of a secure network infrastructure. 

JOB REQUIREMENTS (Must Haves):

• Bachelor’s degree in computer science, Information Security, a related technical field or equivalent experience.
• 5 or more years of experience in Identity Access Management, privileged access management, multi-factor authentication.
• Design and implement SAML, OIDC/OAuth2 protocol-based solutions
• Hands-on experience in design, development, implementation of authentication, authorization, and Single-Sign-On (SSO) requirements
• Strong Understanding of LDAP Directory, Microsoft Active Directory
• Strong Understanding of Multi-factor authentication technologies and implementation methodologies
• 2 years working knowledge Cloud security (AWS – Azure) architecture, environment, and WAF experience.
• Relevant experiences such as threat intelligence, incident response or similar role.
• Proficient at data analysis from logs or security controls, such as firewalls, IPS/IDS, enterprise AV, network analyzers.
• Able to lead investigations for forensic analysis to determine vectors of compromise as well as understand chain of attacks
• Strong understanding of Azure/AWS cloud environment logging, monitoring and alerting native tools such as GuardDuty, CloudTrail, Cloud App Security.
• Possess a deep knowledge of the Cyber Security Landscape for current and past malware methods, attack methodologies, and TTPs (Tactics, Techniques, and Procedures).
• Good understanding of web applications and APIs as they relate to alerts or attack exposure.
• Communicate with key groups (i.e. various lines of business and other technical teams) regarding potential threats and remediation efforts.
• Communicate technical application security concepts to employees, including developers, architects, and managers.
• Keep pace with emerging security threats, technologies, and systems.

JOB RECOMMENDED (Nice to Haves):

•  Relevant technical certifications (CISSP, OSCP, GIAC, CCSP, CCNA).
• Engineering and/or architecture experience with web applications, application stacks, web application firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
• Knowledgeable on cyber threats relative to the retail industry.
• Experience in web application security testing and protection.
• Understanding of Technology Platforms (Windows, Mac, Open Source, Middleware Applications, Database Applications, Cisco, Adobe).
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication.
• 2 or more years of Web Application Firewall (WAF) experience.
• Understanding of Web Application Firewalls (WAFs).
• Experience creating analytical reports for Leadership on complex criminal activity.
• Experience making effective presentations to all levels, including Senior Management.
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Secure coding practices, ethical hacking and threat modeling
• Identity and access management principles
• Application security and encryption technologies
• Understanding of Azure/AWS cloud infrastructure and Server less components as they relate to security.
• Proficiency in PowerShell or similar scripting language
• Technical Writing and Reporting Skills – proficient in preparing security reports and excellent technical writing and reporting skills.
• Possess soft skills: strong stress management, analytical, research, and problem-solving skills, able to work with minimal management, strong collaboration and interpersonal skills.

#LI-JD1