Senior Security Analyst

Welcome to Ross Stores, Inc., where our differences make us stronger… At Ross and dd’s, inclusion is a way of life. We care about our Associates and the communities we serve and we value their differences. We are committed to building diverse teams and an inclusive culture. We respect and celebrate the diversity of backgrounds, identities, and ideas of those who work and shop with us. Come join us as we continue our diversity, equality and inclusion journey!

The Sr. Security Analyst works directly with IT project teams as the security subject matter expert to provide information security recommendations and guidance in order to identify, manage, and mitigate security risks.

The position is also responsible for validating adherence to security requirements, evaluating security services and technologies, and developing information security policies and procedures.

The Sr. Security Analyst is also responsible for performing host and vulnerability assessments, managing change requests through the change management process, performing vendor risk assessments and ensuring Ross' compliance with all applicable laws, rules and regulations.


• Responsible for identifying and establishing project security related requirements, providing guidance and ensuring that security requirements have been captured, designed, built and validated prior to the deployment of the new/enhanced capabilities.

• Interprets information security policies, standards, and other requirements in order to ensure proper adherence and implementation.

• Develops use cases for project-related penetration testing in alignment with the security requirements objectives

• Leads the execution of project-related penetration testing, source code security review and host security certification activities

• Develops system, database or network device minimum security baselines and automated scripts used for host security certification

• Manages and maintains security-related tools used to perform host security certification and vulnerability management

• Performs research and evaluation of various methods to secure systems, networks, databases, and business applications in support of the project deliverables, related services, and other IT organizations

• Contributes to the security enhancement of the Systems Development Life-Cycle (SDLC) and the Threat and Vulnerability Management programs

• Creatively and independently recommends resolutions to security-related problems

• Develops technical reports, metric reporting and/or security-related presentations

• Maintains up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

• Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy, so that Ross Stores is warned in advance and is ready to be fully compliant with these requirements.


• Building Effective Teams (for managers of People and Projects)

• Developing Talent (for managers of people)

• Collaboration

• Leading by Example

• Communicates Effectively

• Ensures Accountability and Execution

• Manages Conflict

• Business Acumen

• Plans, Aligns and Prioritizes

• Organizational Agility

With particular emphasis on the following specific position-related competencies:

• Analysis/Judgment

• Interpersonal Effectiveness

• Technical Competence and Expertise


• Five years of Information Technology Security, at least 3 with large enterprise organizations

• Bachelor's degree preferred or equivalent combination of education and relevant experience

• CISSP (Certified Information Systems Security Professional)

• Demonstrated experience and subject matter knowledge in information security for applications, web architectures, operating systems, databases, and networks.

• Working knowledge of UNIX and Windows

• Firewalls, VPN, PKI, IPS, Wireless, IPT

• Oracle, MS SQL

• Virtualization Security

• Ability to analyze and solve complex problems

• Ability to work in a group setting and independently

• Excellent attention and orientation toward meticulous work

• Proficient in Microsoft Office Products

• Familiarity with firewalls, VPN, PKI, IPS, wireless, IPT, virtualization security, Oracle and MS SQL preferred.

Job requires ability to work in an office environment, primarily on a computer.
Requires sitting, standing, walking, hearing, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc.
Consistent timeliness and regular attendance.
Vision requirements: Ability to see information in print and/or electronically.
This role requires regular in-office presence, including to engage in in-person team interaction, meetings and collaboration and/or client support. However, this role can perform duties effectively using a combination of in-office and remote work.


This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.

Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company's overall commitment to attract, hire and develop a strong, talented and diverse workforce. Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws.