Job Description

Welcome to Ross Stores, Inc., where our differences make us stronger At Ross and dds, inclusion is a way of life. We care about our Associates and the communities we serve and we value their differences. We are committed to building diverse teams and an inclusive culture. We respect and celebrate the diversity of backgrounds, identities, and ideas of those who work and shop with us. Come join us as we continue our diversity, equality and inclusion journey!

GENERAL PURPOSE:

The Security Engineer provides technical advice on a wide variety of information security issues, concerns, and problems. This position is also responsible for making sure that all business applications developed in-house or developed by outsiders on behalf of the company to include adequate control measures. By working on committees and task forces throughout the company, diligently assists with the improvement of security of information systems.

ESSENTIAL FUNCTIONS:

Provides users and management with technical support on matters related to information security such as the criteria to use when selecting information security products

Reviews the effectiveness and practicality of existing information security procedures and systems, and makes recommendation for the improvement of these same procedures and systems

Interprets information security policies, standards, and other requirements in light of specific information systems, and assists with the implementation of these and other information security requirements

Participates in, and acts as a technical leader in, periodic information systems risk assessments including those associated with the development of new or significantly enhanced business applications.

Ensure that business strategy, IT enterprise security and implementation are aligned. Provide input to technical designs in enterprise security solutions, specifically around tools and systems that would best support the design.

Develop action plans, schedules, budgets, status and metrics reports as well as other management communications intended to improve the secure SDLC program at Ross.

Stays informed about the latest developments in the information security field, including new products and services, through on-line news services, technical magazines, professional association memberships, industry conferences, special training seminars, and other methods.

Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy, so that the company is warned in advance and is ready to be fully compliant with these requirements.

COMPETENCIES:

Technical Competence and Expertise
Customer Focus

Problem Solving
Approachability

Communication
Time Management

Drive fro Results


QUALIFICATIONS AND SPECIAL SKILLS REQUIRED:

At least 7 years' experience supporting IT systems, processes or capabilities

At least 7 years' of Information Technology Security, at least 5 years with large enterprise

Bachelor's degree

An understanding of industry best practices for Information security; specific demonstrated experience mapping business processes and comparing those processes to industry best practices

The ability to work closely with Business and development and a thorough understanding of the balance between Business and Security requirements

Knowledge of network, system and application security

Knowledge of OWASP framework and application security best practices

Excellent analytical, organizational and communication skills

Customer Focused

Team-oriented, yet able to work independently; self-motivated

Strong attention to detail

Able to articulate issues, build consensus around recommendations, and define next steps

Ability to respond promptly and consistently to changing customer needs and circumstances

A high sense of responsibility - to our customers, our business partners, our colleagues, and to the quality and timeliness of one's own work; a willingness to do what it takes to support our company's systems - sometimes during non-standard work hours
Preferred Qualifications:

Experience with Microsoft Office Suite, Microsoft Project and Visio

Graduate degree

Certified Information Systems Security Professional (CISSP), or other Information Security related certification

PHYSICAL REQUIREMENTS/ADA:

Job requires ability to work in an office environment, primarily on a computer.
Requires sitting, standing, walking, hearing, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc.
Consistent timeliness and regular attendance.
Vision requirements: Ability to see information in print and/or electronically.
SUPERVISORY RESPONSIBILITIES:
Indicate the job titles directly supervised by this position.
none

DISCLAIMER
This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.

Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company's overall commitment to attract, hire and develop a strong, talented and diverse workforce. Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws.

Apply