Cyber Security Analyst III

(Plano, Texas-In-Office)

Job Purpose:

As a Cybersecurity Analyst III at Upbound, you will play a critical role in protecting sensitive customer and company data by proactively identifying and mitigating cyber threats across our hybrid-cloud infrastructure. Leveraging a defense-in-depth strategy, you will provide expert analysis, incident response leadership, threat intelligence integration, and technical guidance to safeguard our digital assets and ensure business continuity in a dynamic retail environment.

This role requires collaboration across teams and vendors to conduct evidence-based investigations, analyze system activity, and deliver mitigation strategies aligned with best practices and business objectives.

Upbound Group, Inc. (NASDAQ: UPBD) is a technology and data-driven leader in accessible and inclusive financial solutions that address the evolving needs and aspirations of underserved customers. The Company’s customer-facing operating units include industry-leading brands such as Acima, Brigit, and Rent-A-Center that facilitate consumer transactions across a wide range of store-based and digital channels, including over 2,300 company branded retail units across the United States, Mexico, and Puerto Rico.

Upbound Group, Inc. is headquartered in Plano, Texas.

Key Responsibilities:

• Lead or support incident detection, triage, containment, and post-incident review activities across cloud and on-prem environments.
• Collaborate with managed service providers, security vendors, and cross-functional teams to reduce risk and enhance threat detection.
• Monitor, analyze, and correlate access, system, and network logs using SIEM and endpoint detection platforms.
• Conduct forensic analysis and root cause investigations; create incident reports with technical findings, attack timelines, and executive-ready summaries and visuals.
• Track and mitigate phishing campaigns, social engineering attempts, and emerging threats.
• Provide technical guidance to stakeholders on secure architecture and threat mitigation strategies.
• Develop and maintain security documentation, including policies, control procedures, standards, and runbooks.
• Interface with internal auditors to demonstrate control effectiveness related to regulatory frameworks (e.g., SOX, PCI-DSS).
• Contribute to threat intelligence operations by identifying IOCs, TTPs, and sharing relevant insights with teams.
• Stay current on vulnerability disclosures (e.g., CISA KEV, CVEs) and recommend appropriate remediation actions.

Required Qualifications:

Security Monitoring & Analysis

• 3+ years of hands-on experience with SIEM platforms and log analysis.
• Experience identifying indicators of compromise (IOCs) related to malware, ransomware, and MITRE ATT&CK techniques.

Cloud Security

• 2+ years of experience securing AWS and/or Azure environments.
• Familiarity with cloud-native security tools and posture management platforms.

Network Protocols & Infrastructure

• 2+ years of experience with core protocols (TCP/IP, DNS, HTTP/S, IPSEC, etc.).
• Experience with endpoint protection, network monitoring, and log collection tools.

Security Tooling & Platforms

Experience with:

• SIEM
• Vulnerability management platforms
• Threat intelligence feeds/integrations
• Incident response platforms
• Auditing and forensic toolkits
• Identity and Access Management (IAM)

Communication & Documentation

• Demonstrated ability to create high-quality technical documentation, forensic reports, and executive-level summaries.
• Strong verbal and written communication skills, able to engage both technical and non-technical stakeholders.

Preferred Qualifications:

• Familiarity with Sarbanes-Oxley (SOX) and PCI-DSS compliance controls.
• Relevant certifications such as Security+, CEH, AWS Security, or equivalent.
• Prior experience in a Security Operations Center (SOC) or Network Operations Center (NOC).

Exposure to:

• Microsoft Enterprise Security platforms
• Web Application Firewalls (WAFs)
• E-Discovery & chain-of-custody principles
• SOAR solutions
• Microsoft PowerShell scripting for automation
• Web application security tools and best practices
• Security Controls for posture management in cloud environments
• NIST Cybersecurity Framework
• Risk register and governance tools

Additional Information:

• This position requires onsite presence five days a week (M–F).
• Candidates must be authorized to work in the U.S. without sponsorship.

COMPENSATION/BENEFITS

• Competitive Compensation
• Full health benefits, Medical/Dental/Vision
• 401(k) match, 6%/3%
• DTO (discretionary time off)
• Health savings account (HSA) with company contribution
• Unlimited use of Linkedin learning
• College tuition reimbursement program

Why Join Upbound?

At Upbound, we’re committed to securing a dynamic, customer-centric retail environment through cutting-edge technologies, proactive threat management, and a collaborative team culture. You'll be joining a growing InfoSec team where your input directly contributes to maturing our security posture and protecting what matters most.