Cyber Security Analyst III

Upbound Group

CYBER SECURITY ANALYST III

JOB PURPOSE:

As a Cyber Security Analyst III at Upbound, your primary responsibility is to deliver advanced technical analysis, guidance, and mitigation strategies for logical security threats impacting our infrastructure and data security. This role requires collaboration with various teams to conduct evidence-based reviews, collecting and correlating system logs, events, and processes to identify risks, threats, and indicators of compromise (IOC). Applying a defense-in-depth methodology, your goal is to protect sensitive customer and coworker data, providing threat intelligence, vulnerability remediation, and logical security measures to prevent business interruptions in a dynamic retail environment.

KEY RESPONSIBILITIES:

• Collaborate with managed service providers, security tools, log sources, and cross-functional teams to identify and mitigate threats, ensuring business continuity.

• Analyze access, network, and system logs in a hybrid-cloud environment to detect inappropriate or unauthorized access.

• Review and analyze access, network, and system logs and alerts in a hybrid-cloud environment for inappropriate or unauthorized access.

• Support business initiatives by enhancing and supporting information security requirements, standards, and principles.

• Conduct regular system tests and ensure continuous monitoring of network, system, and application security.

• Respond promptly to security events, conducting thorough post-event analysis and interfacing with auditors for compliance assurance.

• Identify and address root causes of security violations, documenting corrective actions to enhance application, data, and infrastructure security.

• Stay updated on emerging security threats, technologies, and systems.

• Create incident analysis reports including detailed forensic results, technical diagrams, and executive summary.

• Provide technical guidance and recommendations to co-workers about the risks and control measures associated with new and emerging information system technologies.

• Communicate with key groups (i.e. various lines of business and other technical teams) regarding potential threats, remediation efforts and all logical implementation steps.

• Keep pace with emerging security threats, technologies, and systems.

• Track, analyze and mitigate cyber threats, phishing, and social engineering other security related threats.

• Detect, respond, and mitigate logical and cyber threats on a per event basis.

• Monitor, review, and provide security guidance for Network security tools and associated access mediums such as Network access controllers (NAC), gateway anti-malware and enhanced authentication.

• Create analytical reports for leadership on complex technical activity.

• Identity and access management principles

• Application security and encryption technologies

• Assist in the preparation and periodic update of information security policies, architectures, standards, and other technical requirements documents needed to enhance security.

• Knowledgeable on cyber threats relative to the retail and fintech industries

• Keep up to date on the latest security standards and best practices.

JOB REQUIREMENTS:

• 3 or more years of Security information and event management correlation (SIEM) experience.

• 3 or more years of information security tools administration or cyber threat research/analysis experience

• 2 or more years of hands-on Cloud security experience (AWS - Azure) and security related tools.

• 2 or more years of hands-on experience with the following network protocols and technologies. (e.g., TCP/IP, UDP, IPSEC, DNS, HTTP, HTTPS)

• 2 or more years of hands-on experience with the following security tools and technologies

• Identify indicators of compromise for Malware, Ransom and MITRE attacks

• Endpoint protection

• Log Collection

• SIEM

• Vulnerability management platforms

• Threat Intelligence

• Incident response procedures

• Auditing and forensics analysis tools

• Basic understanding of security frameworks, compensating controls, strategies, documentation and methodologies for mitigating cyber threats

• Experience with change management and related ticketing systems.

• Demonstrated ability to create technical documentation utilizing facts, detailed technical analysis and investigation techniques.

• Must have the ability to effectively communicate in both written and verbally with stakeholders, team members and executive management in a clear and concise manner.

PREFERANCE:

• Bachelor's degree in a related field preferred.

• Basic functional knowledge of Sarbanes-Oxley (SOX) and Payment Card Industry Data Security Standards (PCI-DSS) in order to monitor and enforce related controls.

• Relevant technical security certifications (example: CISSP, GCIH, Security+, CEH, AWS Security).

• 5 or more years relevant Information security work experience.

• Functional knowledge working with some or all of the following:

• Microsoft Enterprise Security Platforms

• Web Application Firewalls (WAFs)

• Identity and access technology providers

• Multi-Factor authentication technologies and platforms

• E-Discovery/Digital forensics / Chain of custody (Legal collection of evidence)

• Security Controls for Posture management Cloud Environments

• SOAR

• Cloud security best practices

• NIST Security Framework

• Experience utilizing a risk management platform / register.

• Intermediate to Advanced Knowledge of Microsoft PowerShell

• Experience in managing web application security.

• Prior Security Operations Center (SOC) or Network Operations Center (NOC) experience

• Experience in cyber security incident response.

• MUST be able to work on-site, five days per week in Plano, TX

#LI-JD1