Sr. Engineering Manager - CSIRT Cybersecurity Defense

Job Id: R0000424043

The pay range is $128,000.00 - $231,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

JOIN TARGET CYBERSECURITY AS A SENIOR MANAGER - CSIRT CYBERSECURITY DEFENSE

About Us

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

The Senior Manager is responsible for a managing a shift composed of CSIRT analysts that are responsible for alert intake, triage, and response. This role is accountable for leading the personnel, developing processes, expectations, and coaching to ensure the success of the shift in supporting our overall mission. The Sr. Manager will collaborate with partner teams to drive the maturity of the CFC organization, will support declared incidents, and get hands on when needed in our response. Success in this role will require strong and innovative approaches to problem solving, great technical leadership, excellent communication (written and verbal, formal and informal), flexibility, accountability and a self-motivated working style with attention to detail.

About You

As a Senior Manager - CSIRT, you will:

• Lead Incident Response Operations: Direct all phases of the incident response lifecycle, including analysis, containment, eradication, recovery, and post-incident analysis.
• Develop and Maintain Response Frameworks: Establish and regularly update incident response policies, procedures, playbooks, and escalation workflows in alignment with industry best practices.
• Coordinate Cross-Functional Response: Serve as a central point of contact during major security incidents, coordinating efforts in collaboration with our partner teams
• Report on Incident Trends: Develop and present incident metrics, threat trends, and risk insights to senior leadership to support strategic decision-making.
• Train and Mentor Response Team Members: Provide leadership, coaching, and technical guidance to incident responders and analysts to build a high-performing team.
• Test and Validate Response Readiness: Contribute to regular tabletop exercises, red team engagements, and technical simulations to assess and strengthen response capabilities.
• Integrate Threat Intelligence: Leverage internal and external threat intelligence to inform response strategies and anticipate emerging attack vectors.
• Automate and Streamline Response Processes: Identify opportunities for automation and process optimization using tools such as SOAR platforms.

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

Basic Qualifications:

• 4-year degree or equivalent experience in a related field
• 5+ years’ of SOC/IR experience
• 1-3 years of building and leading high performing cyber security teams with direct reports
• Cyber security certification (e.g. GIAC, Offensive security, ISC2)
• Deep understanding of and experience with monitoring and detection, incident response, artifact collection and analysis, cloud environments and attacker mindset
• Ability to lead CSIRT effectively during a high-severity security incident
• Lifelong learner passionate about continuous improvement and developing both your and your team’s skills and capabilities
• Ability to convey technical information clearly and concisely

Desired Qualifications:

• An understanding of and experience with any combination of digital forensics, reverse engineering, threat intelligence, threat hunting and SOAR
• Experience with various operating systems and host-based security controls
• Experience with network-based security controls, network infrastructure and protocols
• Experience working in a Cyber Fusion Center with highly collaborative, cross-functional teams

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.