Lead Security Engineer – Proactive Security

Job Id: R0000440731

The pay range is $132,000.00 - $238,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

About Us:

Target is an iconic brand, a Fortune 50 company, and one of America’s leading retailers. Behind the brand our guests love is a framework that relies on the latest tools and technologies, as well as the brightest people, to deliver incredible value to guests online and in stores. Cybersecurity at Target is on a mission to secure the systems, tools, and processes that team members and guests interact with every day. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely, and reliably from the inside out. Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

If you’re excited by the opportunity to demonstrate strong ownership and deep technical expertise while solving complex security challenges at scale, we invite you to join us as a Lead Security Engineer within the Target Proactive Security organization!

As a Lead Security Engineer within Target Proactive Security, you will take ownership in designing, building, and scaling security solutions to secure Target technologies. Leveraging your security and risk management experience, you will work across Target technology and business teams define security requirements, assess risk, and develop mitigation strategies. You will leverage your deep engineering and technical expertise to force-multiply your impact by building new security solutions and influencing across your peers and partner teams. Finally, you will act as a leader within our organization, constantly working to uplevel our team by mentoring your team members in security concepts and engineering best practices.

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About You:

• Bachelor’s degree in information security, computer science, or related field; or related experience

• 5+ years of engineering experience in one or more information security domains (e.g., vulnerability management, threat intelligence, application security, incident response, risk management, etc.)

• Experience defining security requirements, managing findings, and mitigating risk across dozens of unique business lines, hundreds of distinct applications, and thousands of stakeholders

Preferred:

• Master’s degree in information security, computer science, or related field; or related experience

• 10+ years of engineering experience in one or more information security domains (e.g., vulnerability management, threat intelligence, application security, incident response, risk management, etc.)

• Experience designing, developing, and scaling security solutions that enable developers and technology solutions to be “secure-by-default” (e.g., auto-patching, credential rotation, etc.)

• Demonstrated experience harmonizing and aligning business needs with security requirements to ensure security threats and risks are properly identified and managed

• Executive-level communication skills, both verbal and written, capable of effectively articulating technical topics to a wide range of stakeholders to drive understanding and alignment

• Proven ability to own enterprise-wide security projects or programs (e.g. Patch Management, Risk Management, etc.), including building project plans, identifying stakeholders, communicating progress, and addressing roadblocks

• Experience with both on-prem (e.g., bare metal servers, firewalls, etc.) and cloud-based (e.g., GCP, AWS, Azure, etc.) infrastructure

• Experience leveraging AI tools (e.g., Claude, ChatGPT, etc.) to measurably improve the effectiveness or operations of a security tool or mechanism

• Experience with common security tooling (e.g., SIEM, DLP, IDS, IPS, etc.)

• Experience with common security frameworks (e.g., NIST, ISO/IEC 27001, PCI-DSS, etc.) 

• Relevant security industry certifications (e.g., CISSP, CISM, OSCP, etc.)

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.