Security Engineer II, Cyber Defense

Welcome to Ross Stores, Inc., where our differences make us stronger… At Ross and dd’s, inclusion is a way of life. We care about our Associates and the communities we serve and we value their differences. We are committed to building diverse teams and an inclusive culture. We respect and celebrate the diversity of backgrounds, identities, and ideas of those who work and shop with us. Come join us as we continue our diversity, equality and inclusion journey!

The Security Engineer II position is responsible for threat hunting and for incident response activities. This position requires technical and process awareness to meet or exceed business objectives and SLAs.

  • Keep abreast of the latest threats and related vulnerabilities.
  • Analyze large structured and unstructured data independently.
  • Document and independently execute threat hunting plans.
  • Provide incident response as needed on active alerts and drive them to closure.
  • Respond to escalation requests either via the Helpdesk, NOC, junior analysts or other IT representatives.
  • Contribute to monthly Cyber Defense dashboard with relevant performance indicators and security threat assessments.
  • 24x7 on-call duties apply on rotation and escalation.

  • Analysis and judgement.
  • Drive for results.
  • Technical competence
  • Interpersonal effectiveness
  • Collaboration
  • Communication
  • Customer service
  • Plans, Aligns & Prioritizes

  • 5+ years of experience in key security products such as NAC, Antivirus, File Integrity Management, Intrusion Prevention, Network Firewalls, Application Firewalls, Web Proxy, Logging & Monitoring, and anomaly detection.
  • Solid working knowledge of security tools such as NAC, Antivirus, File Integrity Management, Intrusion Prevention, Network Firewalls, Application Firewalls, Web Proxy, Logging & Monitoring, DLP and FireEye.
  • Experience with security event response from key security products and services (network traffic analysis, PC forensics, kill chain, Windows event analysis, anomaly detection mechanisms, etc.).
  • 5+ years of experience with Information/Network security/Security Operations.
  • Solid experience in collection, processing and extraction of anomalies from structured and unstructured data.
  • Effectively identify, communicate, and remediate risks to the environment.
  • Demonstrated time management skills.
  • Bachelor's degree in Information Technology or Information Security; or equivalent work experience.

Job requires ability to work in an office environment, primarily on a computer.
Requires sitting, standing, walking, hearing, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc.
Consistent timeliness and regular attendance.
Vision requirements: Ability to see information in print and/or electronically.
This position may be performed remotely anywhere within the United States, except that it cannot be performed in the State of Colorado or New York City.


This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.

Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company's overall commitment to attract, hire and develop a strong, talented and diverse workforce. Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws.