Senior Director, Cyber Defense

Welcome to Ross Stores, Inc., where our differences make us stronger… At Ross and dd’s, inclusion is a way of life. We care about our Associates and the communities we serve and we value their differences. We are committed to building diverse teams and an inclusive culture. We respect and celebrate the diversity of backgrounds, identities, and ideas of those who work and shop with us. Come join us as we continue our diversity, equality and inclusion journey!
General Purpose
The Cyber Defense Sr. Director is a senior level leader responsible for Cybersecurity prevention and incident response functions with prior "hands-on" technical security expertise. This role is responsible for leading the team in identifying protective measures, researching cyber incidents, conducting comprehensive investigations, directing threat intelligence, proactive threat hunting, and other related activities necessary in leading a multi-level Security Operations Center (SOC).
The successful candidate is able to lead the advancement of this overall security function and take it to the next level of maturity which may include building and/or taking on other related security functions such as security analytics, Threat Management, and/or managing support and engineering of SOC related technologies.
During an incident this role leads all detection and response activities and acts as the Incident Commander working with cross-functional teams across IT, the business, and 3rd party resources to irradicate, contain, and recover from a cyber incident. This role possesses strong communication skills as they engage and provide updates to the senior leadership team.
This senior leader stays connected with the evolving threat landscape and possesses deep expertise around industry best practices in various aspects of IT and Cybersecurity. This role is also responsible for bringing forward broad cybersecurity expertise and thought leadership to assist the CISO in developing and implementing a comprehensive information security strategy that aligns with the organization's goals and objectives. The successful candidate will work collaboratively with business and technical teams to identify security risks, implement security controls, and ensure compliance with applicable laws and regulations to protect the organization's systems and data.
The base salary range for this role is $143,500 - $270,100. The base salary range is dependent on factors including, but not limited to, experience, skills, qualifications, relevant education, certifications, seniority, and location. The range listed is just one component of the total compensation package for employees. Other rewards vary by position and location.
Essential Functions

• Present monthly status reports to show internal event and incident trends
• Take internal precautions to protect against known 3rd party breaches with Ross Partners, Vendors, and suppliers.
• Document Ross incidents and provide regular updates to leadership.
• Ensures IR playbooks are maintained and distributed as appropriate.
• Partner closely with CISO, Chief Security Architect, Security Delivery & Engineering, and GRC teams
• Builds relationships with internal business partners such as Finance, Legal, HR to help guide them during security incidents
• Develops and maintains Incident Response Plan and holds training to ensure readiness
• Leads Cyber Defense team and other related functions to defend against cyber-attacks and to protect Ross during a cyber-incident
• Maintains a strong understanding of current cybersecurity threats and countermeasures, such as Advanced Persistent Threats (APTs), cyber-crime, hacktivism, and associated tactics.
• Partners with engineering and delivery teams to implement capabilities that protect Ross.
• Assist CISO in developing security strategy and roadmap. Work with business and IT owners to help define, develop, and maintain strategic and tactical programs and plans.
• Assist CISO in optimizing and improving security functionality of existing technologies and controls.
• Stays aware of on-going projects to ensure Cyber Defense programs protects new and changing systems
• Knowledge of industry standard frameworks as NIST, ISO, PCI, SOX, HIPAA.
• Stays aware of external threats and events and applies tactics to protect against them
• Engage cross-function IT teams such as Architecture, Engineering, and Application teams
• Develops an Incident Response Steering team to guide the program growth
• Communicate to internal and external partners to convey technical information in an easy-to-understand way.

Competencies
People

• Developing Talent (for managers of People)
• Collaboration
• Building Effective Teams (for managers of People and/or Projects)

Self

• Communicates Effectively
• Manages Conflict
• Leading by Example
• Ensures Accountability and Execution

Business

• Strategic Agility Business Acumen
• Organizational Agility
• Plans, Aligns and Prioritizes

With Particular Emphasis On The Following Specific Position-related Competencies

• Self-critical, able to evaluate past failures objectively with focus on continuous improvement
• Strong interpersonal skills
• Strong influencing skills, both within the IT organization and business units
• Solution oriented; on-time and on-budget win-win mentality
• Customer centric approach with a drive for results and quality of work

Qualifications And Special Skills Required

• Possess a strong understanding of SIEM technologies, secure internet gateways, EDR/MDR, IDS, SOAR, IPS, Email flow and Security,
• Ability to work with teams that are geographically distributed.
• 5 to 10 years leadership experience
• Strong communication skills both written and verbal and able to effectively operate with VP and above executives.
• Experience managing service providers/integrators, including offshore services.
• Demonstrated ability to execute financial analysis, such as TCO models and ROI.
• Broad knowledge of major technologies, platforms, and systems.
• Ability to develop strategic vision and perform 5-year planning
• Strong interpersonal skills with the ability to work effectively in a matrixed organization.
• Some travel may be required.
• Experience using Attack Frameworks such as MITRE and Cyber Kill chain
• Strong analytical ability, judgement, and problem analysis techniques
• Knowledge of industry standard frameworks as NIST, ISO, PCI, HIPAA.
• At least 10 to 15 years of experience in Information Security with demonstrated and progressive responsibility and influence.
• Experience writing system requirements

Physical Requirements/Ada
This role requires regular in-office presence, including to engage in in-person team interaction, meetings and collaboration, client support, mentoring, coaching, and/or feedback. This position requires the ability to use a computer, work as part of a team, and the ability to communicate with team members and others. However, this role can perform duties effectively using a combination of in-office and remote work.
Supervisory Responsibilities
Managing the recruitment, retention, and career development of internal staff.
Managing, mentoring, and leading professional services staff as needed
Manages a team of Security Engineers
Disclaimer
This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management's discretion.
Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company's overall commitment to attract, hire and develop a strong, talented and diverse workforce. Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws.