Cybersecurity Analyst III
Upbound Group
Vulnerability Management Specialist Information Security | Cybersecurity Operations On-Site, Full-Time About The Role This position is the senior technical owner of our enterprise vulnerability management program. The ideal candidate combines deep technical expertise with the communication skills and organizational influence needed to drive risk reduction outcomes across the business. Incident response support is a secondary but meaningful responsibility. Job Purpose The Cybersecurity Analyst III — Vulnerability Management Specialist leads our enterprise vulnerability management program across cloud, endpoint, network, and identity environments. This role is responsible for the full vulnerability lifecycle: continuous discovery and scanning, risk-based prioritization, coordinated remediation, validation, and executive reporting. This is a program leadership role, not simply an analyst seat. The right candidate drives measurable risk reduction by building strong cross‑functional relationships, maintaining clear remediation SLAs, and ensuring the organization consistently moves from vulnerability identification to resolution. In addition to owning the VM program, this analyst supports cybersecurity incident response efforts, contributing environmental knowledge and analytical depth when incidents arise. Key Responsibilities Vulnerability Management Program Leadership (~70–80%) Lead the enterprise vulnerability management lifecycle: asset discovery, continuous scanning, risk-based prioritization, remediation coordination, validation, and reporting. Define and maintain SLA/remediation timelines by risk tier and manage escalation paths for items approaching or exceeding thresholds. Partner with infrastructure, cloud, engineering, application, and endpoint teams to ensure vulnerability findings are clearly communicated, ownership is assigned, and remediation is completed on schedule. Translate vulnerability data into business context: deliver clear reporting for technical teams and concise risk summaries for executive audiences that reflect progress, trends, and areas of focus. Prioritize vulnerabilities using risk-based methodologies that incorporate CVSS scores, EPSS, CISA KEV, asset criticality, business impact, and active threat intelligence — not severity scores in isolation. Maintain a formal risk acceptance and exception process, including documentation of business justification, compensating controls, and expiration timelines. Integrate vulnerability findings into ticketing and ITSM workflows (e.g., ServiceNow, Jira) to ensure every finding has an assigned owner, a due date, and a tracked resolution path. Develop and maintain program KPIs: vulnerability fix rate, mean time to remediate (MTTR), scan coverage, exception aging, and sustained reduction in critical/high exposure. Facilitate regular stakeholder reviews with technology teams to assess remediation progress, surface blockers, and maintain shared accountability for risk outcomes. Continuously refine scanning coverage, tool configurations, and program policies in response to environmental changes and evolving threats. Monitor threat intelligence feeds, vulnerability disclosures, and CISA KEV to identify newly weaponized vulnerabilities that warrant accelerated remediation cycles. Coordinate formal risk acceptance decisions with leadership for findings that cannot be addressed within standard timelines; maintain auditable records of approvals. Incident Response Support (~20–30%) Support cybersecurity incident response activities including triage, containment, eradication, recovery, and post-incident review. Apply vulnerability landscape knowledge and asset inventory familiarity to provide rapid environmental context during active investigations. Participate in incident post-mortems and incorporate findings into vulnerability management program improvements. Contribute to security documentation including runbooks, playbooks, and vulnerability management procedures. Cross-Functional Collaboration & Communication Serve as the primary security point of contact for technology teams on vulnerability obligations, remediation expectations, and risk escalation. Advise technology partners on patch management strategies, configuration hardening, and compensating controls. Support internal audit and compliance engagements by demonstrating control effectiveness against SOX, PCI-DSS, and other applicable frameworks. Promote security awareness among technology partners by providing clear context on why remediation requirements exist and how they protect the organization. Who Thrives Here This role is best suited for a security professional who takes ownership seriously — someone who is as focused on getting vulnerabilities fixed as they are on finding them. If you are energized by building relationships, navigating organizational dynamics, and tracking risk metrics over time, you will find this role deeply rewarding. Required Qualifications Vulnerability Management Expertise 5+ years of experience in cybersecurity operations, with at least 3 years in a role focused on enterprise vulnerability management. Hands‑on experience with enterprise vulnerability scanning platforms such as Tenable (Nessus / Tenable.io / Tenable.sc), Qualys, or Rapid7 InsightVM. Demonstrated experience owning a vulnerability management program end to end, including SLA development, remediation coordination, and stakeholder accountability. Experience integrating vulnerability findings with ITSM or ticketing platforms (ServiceNow, Jira, or equivalent) to operationalize remediation workflows. Strong command of risk-based vulnerability prioritization frameworks: CVSS, EPSS, CISA KEV, asset criticality, and business impact analysis. Experience developing vulnerability metrics, executive dashboards, and program performance reporting. Familiarity with vulnerability lifecycle management practices: risk acceptance, exception handling, compensating controls, and SLA governance. Stakeholder Engagement & Cross-Functional Influence Proven ability to drive remediation outcomes through technology teams (infrastructure, cloud, engineering, application) using influence, communication, and structured accountability — without direct management authority. Strong written and verbal communication skills with the ability to tailor messaging for technical and non-technical audiences alike. Experience facilitating recurring stakeholder forums such as remediation review meetings, and maintaining follow‑through on commitments via escalation when needed. Demonstrated ability to build credibility and collaborative relationships across peer teams. Technical Depth Solid understanding of cloud security in AWS and/or Azure environments, including cloud-native security tooling and logging architectures. Familiarity with endpoint protection, network monitoring, intrusion detection, and IAM platforms. Working knowledge of core network protocols (TCP/IP, DNS, SMTP, etc.). Experience with SIEM platforms and security log analysis. Familiarity with the MITRE ATT&CK framework and how adversary TTPs inform vulnerability prioritization. Foundational knowledge of incident response concepts and practices sufficient to contribute meaningfully when called upon. Preferred Qualifications Relevant certifications: CISSP, GPEN, GWAPT, CompTIA Security+, Tenable Certified, Qualys Certified, or equivalent. Familiarity with SOX and PCI-DSS compliance requirements as they relate to vulnerability and patch management. Experience with exposure management methodologies such as Continuous Threat Exposure Management (CTEM) and attack surface management. Familiarity with SOAR platforms or automation tools used to streamline vulnerability-to-ticket workflows. Experience with Microsoft Defender suite, Rapid7, or comparable enterprise security platforms. Exposure to penetration testing or adversary emulation methodologies to inform vulnerability prioritization. Familiarity with AI-assisted attack techniques and their implications for vulnerability exploit timelines. What Success Looks Like All critical and high vulnerabilities tracked in integrated workflows with clear ownership and due dates. Consistent remediation within defined SLA timelines across technology teams. Measurable, sustained reduction in mean time to remediate (MTTR) for critical and high findings. Reliable executive reporting cadence with meaningful risk trend data. Comprehensive scan coverage across endpoint, cloud, network, and identity environments. Additional Information This position requires on-site presence five days per week (Monday – Friday). Sponsorship Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time. Why Join Our Team You will join a collaborative and growing Cybersecurity Operations team where your leadership of the vulnerability management program directly shapes the organization’s security posture. This is a high-visibility role with broad cross‑functional reach, real ownership, and the opportunity to make a measurable difference. If you are looking for a position where your work has clear, demonstrable impact on risk reduction, we want to hear from you. Upbound Group is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. #J-18808-Ljbffr
- ...Cybersecurity Analyst III Vulnerability Management Specialist Information Security | Cybersecurity Operations On-Site, Full-Time About the Role This position is the senior technical owner of our enterprise vulnerability management program. The ideal candidate combines...SuggestedFull timeWork visaMonday to Friday
- ...role at one of the world's most iconic financial institutions where security is vital. As a Security Engineer III at JPMorganChase within the Cybersecurity and Technology Controls Line of Business, you serve as a seasoned member of a team that works to deliver software...Suggested
- Security Engineer III - Python & Cloud Plano, TX. This role involves delivering software solutions that satisfy functional and user... ..., and support product operations Drives the maturity of the Cybersecurity Software Development Lifecycle (SDLC) with advanced understanding...Suggested
- ...detail, superb documentation skills, and the ability to solve complex problems? This may be the position for you! The Configuration Analyst III is a high-level position responsible for overseeing and managing the configuration of highly complex engineering and...SuggestedWork at office
- Network Engineer III Senior Enterprise Network Security Engineer designed, secures, and operates the University’s enterprise network... .... The role blends advanced network engineering with cybersecurity, emphasizing Palo Alto (PANOS/Prisma Access) and Juniper (EX/QFX...SuggestedWork at officeRemote work
$50 - $55 per hour
...Description # Home # Search Jobs # Job Description Business Analyst III Contract: Plano, Texas, US Salary Range: 50.00 - 55.00 | Per Hour Job Code: 370083 End Date: 2026-07-17 Days Left: 3 days, 3 hours left Apply An Excellent...Hourly payContract workTemporary work- ...Scrum Master III Technology Operations and Engineering, Digital Business Operations Who We Are At Upbound Group, we are committed to elevating financial opportunity for all through innovative, inclusive, and technology-driven financial solutions that address the evolving...Local areaWork visaMonday to Friday
- Data Science Analyst III - DSC103 - TEMPLATE Full-time Target Hiring Range (2): Sample value At Fannie Mae, futures are made. The inspiring work we do makes an affordable home a reality and a difference in the lives of Americans. Every day offers compelling opportunities...Full time
- KFC Corporation is seeking a Product Operations Analyst III, RED360 to support various initiatives related to customer data and marketing technology. This role is integral in collaborating with Brand, Marketing, Engineering, and Operations to translate business requirements...
- ...meaningful work environment that supports and protects explorers and heroes? Join our team! The Program Planning and Scheduling Analyst III leads the development and management of comprehensive project schedules for large-scale and complex programs. This role ensures the...Work at office
- ...rewarding opportunity for you to take your software engineering career to the next level. As an iOS Mobile Platform Software Engineer III at JPMorganChase within the Consumer & Community Banking, you serve as a seasoned member of an agile team to design and deliver...
- Program Planning and Scheduling Analyst III The Program Planning and Scheduling Analyst III leads the development and management of comprehensive project schedules for large‑scale and complex programs within the ISR, Aviation, and Security (IAS) business area. The role...Work at office
- A leading financial institution is seeking a Security Engineer III in Plano, Texas, to lead security solutions within the Cybersecurity and Technology Controls team. The role demands at least 3 years of experience in security engineering, strong coding skills, and proficiency...
$95.2k - $124.95k
...HVAC) industry. We are guided by our core values of Integrity, Respect, and Excellence.We have an opening for a Digital Business Analyst III. This person will play a crucial role in supporting key digital products across B2B ecommerce and other areas. The Business Analyst...Temporary work- North Texas Municipal Water is seeking a cybersecurity professional to safeguard Operational Technology (OT) environments including SCADA systems. This role involves improving the OT cybersecurity posture, collaborating with various teams, and ensuring compliance with regulatory...
- North Texas Municipal Water District seeks a cybersecurity professional to enhance the security of Operational Technology (OT) environments. This role involves monitoring and assessing cybersecurity measures while ensuring compliance with industry standards. You will collaborate...
- ...(ICS) supporting water and wastewater operations. This position is responsible for monitoring, assessing, and improving the OT cybersecurity posture to reduce risk while ensuring safety, reliability, and regulatory compliance. The role involves collaboration with Operations...Work at officeRemote work
- ...have an exciting and rewarding opportunity for you to take your software engineering career to the next level. As a Software Engineer III at JPMorgan Chase within the Corporate Sector - Cloud Platform Services team, you serve as a seasoned member of an agile team to...
$52.5 per hour
...Term 6-month contract with high likelihood of extension or conversion to a full-time employee Position overview - Marketing Analyst Coordinator III The main function of a marketing analyst/coordinator is to research market conditions in local, regional, or national areas...Hourly payFull timeContract workLocal areaMonday to Friday- A financial services provider in Plano, Texas, is seeking a Data Science Analyst III to lead data-driven insights and recommendations. The role involves advanced predictive modeling, collaboration with data engineering teams, and communication of analytical findings to...
- At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place...Shift workDay shift
- Get notified about new Information Technology Security Analyst jobs in United States . 1,000+ Information Technology Security Analyst Jobs in United States Information Systems Security Officer (ISSO) Information Systems Security Officer (ISSO) Information Systems Security...
- ...systems. Qualifications Bachelor's Degree or Equivalent experience 2+ years Experience within installing, configuring, and using cybersecurity software for securing data. Knowledge of NetApp, Varonis and Trend Micro Server Protect is a bonus. Exceptional understanding of...Worldwide
- ...US Citizens & Permanent Residents ONLY Job Title: Business Analyst III Location (Onsite, No Remote): Cary, NC or Carrolton, TX Responsibilities A Business Analyst III takes a more proactive role in analyzing business needs and translating them into effective technology...Permanent employmentWork experience placementRemote work
$75 - $85 per hour
...transfer requirements in classified environments Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent experience considered DoD 8570/8140 IAT Level III certification (CASP+, CISSP, or equivalent) Job Type & Location...Contract workTemporary workFor contractors- ...- Check Imaging Solutions business unit under the Complementary Solutions brand has an opening for an advanced level Applications Analyst. If you have an item and image processing background, back office operations, or technology background in a Financial Institution,...Work experience placementWork at officeLocal areaRemote workWeekend work
- Responsibilities Own the quality and readiness of Saucy! in-restaurant and digital technology stack by leading comprehensive QA planning, execution, and release cycles. Partner with product, engineering, and business stakeholders to ensure solutions meet defined quality...Flexible hours
- Toyota Tsusho Systems US, Inc. in Plano, Texas, is seeking a Cyber Data Security Specialist to implement, configure, and support data security software across a global manufacturing landscape, in a mixed on‑premises and cloud environment. You will monitor malware, manage...
- [Position Overview] Job Title: Business Analyst 3 - Data Analysis & Business Intelligence Education: Bachelor's degree in Business or related field (MBA or advanced degree preferred) 4+ years of experience in data analysis, business analysis, or financial analysis Job Type...Hourly payFull timeH1b
$95k - $125k
Job Title: Business Central Analyst III Job ID: 87701 Location: Frisco, Texas Overview Our client, a veteran owned retail brand is looking for a Business Central Analyst to take ownership of supporting, improving, and evolving our Microsoft Dynamics 365 Business Central...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Cybersecurity Analyst III. Be the first to apply!
- cyber security lead Plano, TX
- cybersecurity policy and compliance analyst Plano, TX
- cybersecurity specialist Plano, TX
- cyber security incident responder Plano, TX
- senior cybersecurity engineer Plano, TX
- cyber security Plano, TX
- cyber security architect Plano, TX
- cybersecurity Plano, TX
- cyber security intern Plano, TX
- remote cyber security Plano, TX


