Upbound Group
Job Description
Upbound Group
Cyber Security Analyst
JOB PURPOSE
As a Cyber Security Analyst at Upbound, your primary responsibility is to deliver advanced technical analysis, guidance, and mitigation strategies for logical security threats impacting our infrastructure and data security. This role requires collaboration with various teams to conduct evidence‑based reviews, collecting and correlating system logs, events, and processes to identify risks, threats, and indicators of compromise (IOC). Applying a defense‑in‑depth methodology, your goal is to protect sensitive customer and coworker data, providing threat intelligence, vulnerability remediation, and logical security measures to prevent business interruptions in a dynamic retail environment.
KEY RESPONSIBILITIES
Collaborate with managed service providers, security tool vendors, and cross‑functional teams to identify and mitigate threats, ensuring business continuity.
Analyze access, network, and system logs in a hybrid‑cloud environment to detect inappropriate or unauthorized access.
Respond promptly to security events, conducting thorough post‑event analysis and interfacing with auditors for compliance assurance.
Identify and address root causes of security violations, documenting corrective actions to enhance application, data, and infrastructure security.
Create incident analysis reports including detailed forensic results, technical diagrams, and executive summary.
Provide technical guidance and recommendations to co‑workers about the risks and control measures associated with new and emerging information system technologies.
Track, analyze and mitigate cyber threats, phishing, and social engineering other security related threats.
Assist in the preparation and periodic update of information security policies, architectures, standards, and other technical requirements documents needed to enhance security.
JOB REQUIREMENTS
3 or more years of Security information and event management correlation (SIEM) experience.
3 or more years of information security tools administration or cyber threat research/analysis experience
2 or more years of hands‑on Cloud security experience (AWS – Azure) and security related tools.
2 or more years of hands‑on experience with the following network protocols and technologies (, TCP/IP, UDP, IPSEC, DNS, HTTP, HTTPS)
2 or more years of hands‑on experience with the following security tools and technologies
Identify indicators of compromise for Malware, Ransom and MITRE attacks
Endpoint protection
Log Collection
SIEM
Vulnerability management platforms
Threat Intelligence
Incident response procedures
Auditing and forensics analysis tools
Basic understanding of security frameworks, compensating controls, strategies, documentation and methodologies for mitigating cyber threats
Experience with change management and related ticketing systems
Demonstrated ability to create technical documentation utilizing facts, detailed technical analysis and investigation techniques.
Must have the ability to effectively communicate in both written and verbally with stakeholders, team members and executive management in a clear and concise manner.
Ability to work in office 5 days a week (M‑F)
PREFERENCE
Basic functional knowledge of Sarbanes‑Oxley (SOX) and Payment Card Industry Data Security Standards (PCI‑DSS) in order to monitor and enforce related controls.
Relevant technical security certifications (example: Security+, CEH, AWS Security).
Functional knowledge working with some or all of the following:
Microsoft Enterprise Security Platforms
Web Application Firewalls (WAFs)
Identity and access technology providers
Multi‑Factor authentication technologies and platforms
E‑Discovery/Digital forensics / Chain of custody (Legal collection of evidence)
Security Controls for Posture management Cloud Environments
SOAR
Cloud security best practices
NIST Security Framework
Experience utilizing a risk management platform / register.
Intermediate to Advanced Knowledge of Microsoft PowerShell
Experience in managing web application security.
Prior Security Operations Center (SOC) or Network Operations Center (NOC) experience
Experience in cyber security incident response.
#J-18808-Ljbffr
KEY RESPONSIBILITIES
Collaborate with managed service providers, security tool vendors, and cross‑functional teams to identify and mitigate threats, ensuring business continuity.
Analyze access, network, and system logs in a hybrid‑cloud environment to detect inappropriate or unauthorized access.
Respond promptly to security events, conducting thorough post‑event analysis and interfacing with auditors for compliance assurance.
Identify and address root causes of security violations, documenting corrective actions to enhance application, data, and infrastructure security.
Create incident analysis reports including detailed forensic results, technical diagrams, and executive summary.
Provide technical guidance and recommendations to co‑workers about the risks and control measures associated with new and emerging information system technologies.
Track, analyze and mitigate cyber threats, phishing, and social engineering other security related threats.
Assist in the preparation and periodic update of information security policies, architectures, standards, and other technical requirements documents needed to enhance security.
JOB REQUIREMENTS
3 or more years of Security information and event management correlation (SIEM) experience.
3 or more years of information security tools administration or cyber threat research/analysis experience
2 or more years of hands‑on Cloud security experience (AWS – Azure) and security related tools.
2 or more years of hands‑on experience with the following network protocols and technologies (, TCP/IP, UDP, IPSEC, DNS, HTTP, HTTPS)
2 or more years of hands‑on experience with the following security tools and technologies
Identify indicators of compromise for Malware, Ransom and MITRE attacks
Endpoint protection
Log Collection
SIEM
Vulnerability management platforms
Threat Intelligence
Incident response procedures
Auditing and forensics analysis tools
Basic understanding of security frameworks, compensating controls, strategies, documentation and methodologies for mitigating cyber threats
Experience with change management and related ticketing systems
Demonstrated ability to create technical documentation utilizing facts, detailed technical analysis and investigation techniques.
Must have the ability to effectively communicate in both written and verbally with stakeholders, team members and executive management in a clear and concise manner.
Ability to work in office 5 days a week (M‑F)
PREFERENCE
Basic functional knowledge of Sarbanes‑Oxley (SOX) and Payment Card Industry Data Security Standards (PCI‑DSS) in order to monitor and enforce related controls.
Relevant technical security certifications (example: Security+, CEH, AWS Security).
Functional knowledge working with some or all of the following:
Microsoft Enterprise Security Platforms
Web Application Firewalls (WAFs)
Identity and access technology providers
Multi‑Factor authentication technologies and platforms
E‑Discovery/Digital forensics / Chain of custody (Legal collection of evidence)
Security Controls for Posture management Cloud Environments
SOAR
Cloud security best practices
NIST Security Framework
Experience utilizing a risk management platform / register.
Intermediate to Advanced Knowledge of Microsoft PowerShell
Experience in managing web application security.
Prior Security Operations Center (SOC) or Network Operations Center (NOC) experience
Experience in cyber security incident response.
#J-18808-Ljbffr