Cyber Security Analyst III
(Plano, Texas - In-Office)
Job Purpose:
As a Cybersecurity Analyst III at Upbound, you will play a critical role in protecting sensitive customer and company data by proactively identifying and mitigating cyber threats across our hybrid-cloud infrastructure. Leveraging a defense-in-depth strategy, you will provide expert analysis, incident response leadership, threat intelligence integration, and technical guidance to safeguard our digital assets and ensure business continuity in a dynamic retail environment.
This role requires collaboration across teams and vendors to conduct evidence-based investigations, analyze system activity, and deliver mitigation strategies aligned with best practices and business objectives.
Upbound Group, Inc. (NASDAQ: UPBD) is a technology and data-driven leader in accessible and inclusive financial solutions that address the evolving needs and aspirations of underserved customers. The Company's customer-facing operating units include industry-leading brands such as Acima, Brigit, and Rent-A-Center that facilitate consumer transactions across a wide range of store-based and digital channels, including over 2,300 company-branded retail units across the United States, Mexico, and Puerto Rico.
Upbound Group, Inc. is headquartered in Plano, Texas.
Key Responsibilities:
* Lead or support incident detection, triage, containment, and post-incident review activities across cloud and on-prem environments.
* Collaborate with managed service providers, security vendors, and cross-functional teams to reduce risk and enhance threat detection.
* Monitor, analyze, and correlate access, system, and network logs using SIEM and endpoint detection platforms.
* Conduct forensic analysis and root cause investigations; create incident reports with technical findings, attack timelines, and executive-ready summaries and visuals.
* Track and mitigate phishing campaigns, social engineering attempts, and emerging threats.
* Provide technical guidance to stakeholders on secure architecture and threat mitigation strategies.
* Develop and maintain security documentation, including policies, control procedures, standards, and runbooks.
* Interface with internal auditors to demonstrate control effectiveness related to regulatory frameworks (e.g., SOX, PCI-DSS).
* Contribute to threat intelligence operations by identifying IOCs and TTPs and sharing relevant insights with teams.
* Stay current on vulnerability disclosures (e.g., CISA KEV, CVEs) and recommend appropriate remediation actions.
Required Qualifications:
Security Monitoring & Analysis
* 3+ years of hands-on experience with SIEM platforms and log analysis.
* Experience identifying indicators of compromise (IOCs) related to malware, ransomware, and MITRE ATT&CK techniques.
Cloud Security
* 2+ years of experience securing AWS and/or Azure environments.
* Familiarity with cloud-native security tools and posture management platforms.
Network Protocols & Infrastructure
* 2+ years of experience with core protocols (TCP/IP, DNS, HTTP/S, IPsec, etc.).
* Experience with endpoint protection, network monitoring, and log collection tools.
Security Tooling & Platforms
Experience with:
* SIEM
* Vulnerability management platforms
* Threat intelligence feeds/integrations
* Incident response platforms
* Auditing and forensic toolkits
* Identity and Access Management (IAM)
Communication & Documentation
* Demonstrated ability to create high-quality technical documentation, forensic reports, and executive-level summaries.
* Strong verbal and written communication skills, able to engage both technical and non-technical stakeholders.
Preferred Qualifications:
* Familiarity with Sarbanes-Oxley (SOX) and PCI-DSS compliance controls.
* Relevant certifications such as Security+, CEH, AWS Security, or equivalent.
* Prior experience in a Security Operations Center (SOC) or Network Operations Center (NOC).
Exposure to:
* Microsoft Enterprise Security platforms
* Web Application Firewalls (WAFs)
* E-Discovery & chain-of-custody principles
* SOAR solutions
* Microsoft PowerShell scripting for automation
* Web application security tools and best practices
* Security controls for posture management in cloud environments
* NIST Cybersecurity Framework
* Risk register and governance tools
Additional Information:
* This position requires onsite presence five days a week (M-F).
* Candidates must be authorized to work in the U.S. without sponsorship.
Compensation/Benefits:
* Competitive Compensation
* Full health benefits, Medical/Dental/Vision
* 401(k) match, 6%/3%
* DTO (discretionary time off)
* Health savings account (HSA) with company contribution
* Unlimited use of LinkedIn Learning
* College tuition reimbursement program
Why Join Upbound?
At Upbound, we're committed to securing a dynamic, customer-centric retail environment through cutting-edge technologies, proactive threat management, and a collaborative team culture. You'll be joining a growing InfoSec team where your input directly contributes to maturing our security posture and protecting what matters most.