GENERAL PURPOSE:

The IT Manager II is responsible for facilitating cybersecurity risk management and governance processes for Ross Stores. This role works closely with the IT Compliance Manager and Secure Project Delivery Manager to help develop, mature, and execute the IT Risk processes which include governance, risk assessment, risk analysis, risk metrics, risk reporting, technology enablement, maintenance of the risk taxonomy, and organizational integration. This role is also responsible for establishing security policies, standards and procedures and managing security awareness program.

The base salary range for this role is $125,400 – $214,200. The base salary range is dependent on factors including, but not limited to, experience, skills, qualifications, relevant education, certifications, seniority, and location. The range listed is just one component of the total compensation package for employees. Other rewards vary by position and location.

• Leads the security governance and risk management team performing IT and business risk assessments, vendor risk management, contracts management, security policy and standards management and security awareness.
• Performs management and personnel administration functions associated with Ross’ Cybersecurity Governance and Risk Management Department
• Develops action plans, schedules, budgets, status reports and other management communications intended to improve the status of information risk at Ross.
• Responsible for performing risk assessments to identify current and future security vulnerabilities, determine what level of risk is acceptable to the organization, and determine the best ways to reduce cybersecurity risks to this acceptable level of the company’s assets, relationships, processes, and functions associated with IT and business risk.
• Responsible for managing Third Party risk management and related contracts agreements to ensure necessary security controls have been included as part of services and capabilities for the protection of organization assets
• Responsible for providing support to IT during product and vendor selection process and providing subject matter expertise on Cybersecurity risk and compliance
• Establish and maintains related IT Risk Management metrics and reporting. Collaborates with IT Compliance Manager, Secure SDLC Manager, Cybersecurity, and IT groups to define, gather and analyze metrics. Provides targeted reporting to all levels of IT and Business management.
• Executes and maintains risk assessments related tools with the goal of improving efficiency, reducing costs, improving agility and optimizing information technology governance, risk, and controls management processes, while providing an overall view of the organization’s risk profile. Coordinates and communicates IT risk-related activities among IT key stake holders.
• Responsible for establishing, enforcing and maintaining Cybersecurity policies, standards and procedures
• Responsible for establishing information security awareness programs, regularly conducting exercise to educate employees of the cybersecurity and best practices.
• Monitors current and proposed laws, regulations, industry standards, and ethical requirements related to cybersecurity and privacy, so that Ross Stores is warned in advance and is ready to be fully compliant with these requirements.

Required Qualifications

• Minimum 8-10 years of professional experience in running a cybersecurity function, including analyzing and applying cybersecurity risk, risk management, and privacy practices
• At least 5 years of experience working with cross-functional teams
• Experience with all aspects of regulatory and contractual compliance, especially Payment Card Industry (PCI), Sarbanes Oxley, and Health Information Portability and Accountability Act (HIPAA) requirements for as they relate to IT
• Experience with IT process, risk and control frameworks, such as COBIT, ISO 27001, ITIL, Risk IT
• Experience communicating and presenting both verbally and in writing to various audiences, including committees, large groups, senior management, and executive leadership
• Proficient in network security design and architecture, capacity planning, network performance monitoring, end-point protection, patch-management, vulnerability management, penetration testing, intrusion detection, risk management, mobile device management, wireless management and data loss prevention.
• CISSP (Certified Information System Security Professional), CISA (Certified Information Systems Auditor) OR CRISC (Certified in Risk and Information System Control) OR CGEIT (Certified in Governance of Enterprise IT)

Preferred Qualifications

• Bachelor’s degree preferred or equivalent combination of education and relevant experience

PHYSICAL REQUIREMENTS/ADA:

This position requires the ability to work in an office environment, including using a computer, attending meetings, working as part of a team, and the ability to communicate with team members and others. Regular attendance also is a requirement of the position.

This role requires regular in-office presence, including attending in-person team interaction, meetings and collaboration, client support, mentoring, coaching, and/or feedback. However, this role can perform duties effectively using a combination of in-office and remote work. #LI-Hybrid

SUPERVISORY RESPONSIBILITIES:

Analyst, Senior Analyst and Lead Analyst

DISCLAIMER:

This job description is a summary of the primary duties and responsibilities of the job and position. It is not intended to be a comprehensive or all-inclusive listing of duties and responsibilities. Contents are subject to change at management’s discretion.

EQUAL EMPLOYMENT OPPORTUNITY:

Ross is an equal employment opportunity employer. We consider individuals for employment or promotion according to their skills, abilities and experience. We believe that it is an essential part of the Company’s overall commitment to attract, hire and develop a strong, talented and diverse workforce. Ross is committed to complying with all applicable laws prohibiting discrimination based on race, color, religious creed, age, national origin, ancestry, physical, mental or developmental disability, sex (which includes pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth or breastfeeding), veteran status, military status, marital or registered domestic partnership status, medical condition (including cancer or genetic characteristics), genetic information, gender, gender identity, gender expression, sexual orientation, as well as any other category protected by federal, state or local laws.

Summary Information about the Role and Company Overview

Works with key stakeholders, including senior leaders and executives, as well as LOBs to clearly define information security initiatives, vision and approach to meet security business needs, risks, exposures and remediation. Collaborate with key team stakeholders and senior management to drive initiatives to completion and rollout, enhance security standards, integrate solutions and maintain the strategic direction of Cybersecurity. Responsible for oversight and communication of the cybersecurity programs, which includes: providing strategic direction, financial oversight, and investment prioritization of new security controls/initiatives to address emerging threats; managing portfolio reporting and delivery of cybersecurity controls/capabilities to address risks in our environment.

• Applies a solid understanding of IAM concepts and uses knowledge of the business and key processes to drive improvements.
• Solves routine problems of moderate complexity by analyzing possible solutions using experience, judgment, and precedents.
• Recognizes and identifies potential areas where existing procedures require change or where new ones need to be developed.
• Demonstrates an ability to manage competing priorities.
• Strong analytical skills with an ability to work independently.
• Oversees and guides managed service resources to ensure that processes and procedures are in adherence to Truist standards and policies.

Required Qualifications:

• Bachelor's degree in business administration, technology related field or equivalent education and related training
• More than seven years of demonstrated progressive experience in Cybersecurity, with emphasis on data lost prevention, vulnerability management, access management, firewalls, security awareness training, etc.
• Excellent ability to express complex multi-disciplinary technical and business concepts in terms that are understandable to all levels of Lines of Business and corporate management both verbally and in writing
• Strong working knowledge of cybersecurity terms, concepts, disciplines, frameworks, best practices and industry/regulatory requirements

Preferred Qualifications:

• Bachelor’s degree or equivalent
• Previous experience in the banking industry
• Previous experience working with an Identity and Access Management platform such as Oracle, SailPoint, Okta
• Cybersecurity certifications such a CISA, CISSP

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

Truist supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Truist is a Drug Free Workplace.

Summary

The Cybersecurity Operations Analyst for Caesars is responsible for implementing the Cybersecurity program and strategy at a tactical and operational level (network, infrastructure, applications, and databases) to ensure that security controls are functioning efficiently and effectively, more specifically in the realm of security logging, monitoring, alert management, incident handling, vulnerability and configuration management. Furthermore, this position also supports the Cybersecurity Team in doing security research and development, product evaluations, consulting, project support, and any other operational tasks needed to support the overall requirements of the program and strategy.

The Cybersecurity Operations Analyst participates in establishing and implementing security related standards, procedures, and guidelines appropriate to securing the existing environment in partnership with various properties and Information Technology. The optimal goals is to design and implement controls and processes, risk mitigation techniques, and standardized information security solutions that will allow a sensible balance between risks and business operations.

• Participates in documenting all security procedures.
• Assist the Cybersecurity Engineering team in providing future direction of technology and platforms, how that direction will impact the company, and how future and current systems can be leveraged for the benefit of the company.
• Recognize and identify potential areas where existing data security policies and procedures require change, or where new ones should be developed.
• Analyze, synthesize, develop, engineer, diagnose and maintain systems, programs and procedures that ensure peak performance and reliability of the Caesars' computer and telecommunications systems at minimum cost.
• Recognize and identify potential areas where existing policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion. Responsible for optimum system performance.
• Performs ongoing analysis as applications change to determine the impact of security mechanisms in place.
• Participate in all Incident Response activities to include collecting, and analyzing evidence, determining root cause, reporting / documentation, and recovery tasks.

Operational Planning & Management

• Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
• Analyze security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
• Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
• Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
• Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
• Prepares system security reports by collecting, analyzing, and summarizing data and trends.
• Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
• Assist with general administrative activities in collaboration with all team members
• Support vendors' activities and relationships
• Prepare project plans and associated documentation
• Prepare status reports and other management metrics as needed

Documentation, Reporting & Analytics

• Contribute to the design and implementation of an operational reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the CTO
• Document and follow-up on security exceptions relating to IT and property activities that could negatively impact security risks and/or not adhere to established policies, standards, or procedures

Required Qualifications:

• 1-3+ years' work experience in security operations, network security, infrastructure security, Windows/Unix systems/security, etc.
• Experienced in several security tools (IPS/IDS, DLP, scanners, forensics tools, ethical hacking tools, etc.) and very knowledgeable in security processes.

Preferred Qualifications:

• Bachelor’s degree in Information Systems, Computer Science or technical training equivalent.
• CISSP, CISA, CISM, GSEC, or related certification(s) preferred.

NA