**Company Name**
Ross Stores, Inc.
**Job Title**
REMOTE - Security Engineer II (Threat Hunter)
**Job Description**
**Job Title**
Security Engineer II – Threat Hunter (Remote)
**Role Summary**
Lead proactive threat hunting and cyber threat intelligence (CTI) to identify, analyze, and mitigate advanced persistent threats (APTs) and malware across a complex enterprise environment. Develop and automate detection rules, playbooks, and workflows, and deliver actionable intelligence to technical teams and senior leadership. Participate in on‑call rotations and collaborate across functions to strengthen overall security posture.
**Expectations**
- Conduct continuous, advanced threat hunting across networks, systems, and applications.
- Transform large, multi‑source data sets into clear, actionable threat intelligence reports.
- Design, optimize, and automate detection rules and enrichment logic using scripting (Python, SQL).
- Respond promptly to escalation requests from help desk, NOC, and IT stakeholders.
- Contribute to cyber‑defense dashboards and performance indicators.
- Develop and maintain automated workflows and playbooks for rapid incident response.
- Apply MITRE ATT&CK framework to map adversary behaviors and predict threats.
- Participate in 24/7 on‑call rotations as part of the security response team.
**Key Responsibilities**
- Execute advanced threat hunting to uncover hidden malicious activity.
- Synthesize OSINT, threat feed, TIP, SIEM, and endpoint data to produce intelligence narratives.
- Create and refine detection rules, enrichment logic, and automated playbooks.
- Mentor and lead junior CTI analysts, fostering a culture of continuous improvement.
- Deliver security briefings to executives and technical teams.
- Maintain and improve cyber‑defense metrics and dashboards.
- Coordinate with IT, NOC, and incident response during escalation workflows.
- Remain current on APT tactics, techniques, and procedures using MITRE ATT&CK.
- Perform 24/7 on‑call duties as outlined by the rotation schedule.
**Required Skills**
- 8+ years total cybersecurity experience, with 5+ years in threat intelligence and hunting.
- Deep knowledge of threat intelligence platforms (TIPs), SIEM solutions, and endpoint detection/response (EDR) tools.
- Proficiency in collecting, analyzing, and disseminating OSINT and commercial threat feeds.
- Strong scripting skills (Python, SQL) for rule creation and automation.
- Experience building and maintaining automated playbooks and workflows.
- Advanced understanding of APTs, malware, and adversary behavior modeling (MITRE ATT&CK).
- Proven mentoring and leadership of CTI analysts.
- Excellent analytical judgment, communication, and collaboration skills.
- Ability to work 24/7 on-call during escalation events.
**Required Education & Certifications**
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent practical experience).
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred.
- Additional certifications such as GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Incident Handler (GCIH), or GIAC Security Essentials (GSEC) desired.