Description:
Information Security - BISO Lead - Enterprise Architecture

About Target
Target is an iconic brand, a Fortune 50 company and one of America's leading retailers.

Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong, secure technology framework that relies on the latest tools and technologies-and the brightest people-to deliver incredible value to guests online and in stores.

About This Opportunity

The BISO (Business Information Security Officer) function at Target is responsible for IT risk awareness and information security enablement across all lines of business, enterprise functions, technology, and operations teams.

This position will be responsible for driving secure and compliant solutions within the Enterprise Architecture organization at Target. You will be building relationships with engineers and their leaders to develop a deep understanding of their key objectives and help drive informed, risk-based information security decisions at Target.

As BISO Lead for Enterprise Architecture you'll...

• Act as point of contact to executive leadership for dimensioning, managing and driving remediation of IT risk for Enterprise Architecture.
• Provide guidance to Enterprise Architecture teams to enable them to design, develop and deploy solutions that align with the business, security, and compliance objectives of Target.
• Reduce risk by championing sound control principles to strengthen the security of Target's Enterprise Architecture.
• Monitor and review security metrics to measure security effectiveness.
• Ensure that appropriate stakeholders are held accountable as to the state of their controls and that they understand their responsibilities regarding risk mitigation and remediation.
• Escalate significant risks to senior leadership for information or action.
• Facilitate, attend and participate in internal/external meetings and risk committees.
• Provide updates to business groups, partners and information security leadership through established communication channels.
• Engage with business managers and staff to ensure risks are addressed in timely manner.
• Provide feedback to align Target's Information Security investments with the needs of the business.
• Influence and support Target Information Security policies.

Required Qualifications

• Ability to provide effective leadership and subject matter expertise on IT Risk topics to senior management, technology, and business partners.
• Experience communicating effectively at different levels of the organization, and with various technical and business audiences.
• Capable of navigating ambiguity and conflicting priorities and developing working business relationships based on trust.
• Ability to lead down, across, and up in order to persuade and/or negotiate desired outcomes.
• Successful in building and maintaining collaborative relationships with partners, clients and peers.
• Excellent problem solving abilities and analytical skills.
• Ability to see the big picture with high attention to critical details.
• 5+ years of Information Technology and/or Information Security experience.
• BA/BS in Information Technology, Information Security, or a related discipline or equivalent experience.

Desired Qualifications (one or more of the following)

• Knowledge of open source deployment and development security, API stack security, cloud solution security, network security, and/or infrastructure-as-code security.
• 2+ years of consultancy, advisory, or business-facing information security experience.
• Development experience with open-source tools and platforms.
• Knowledge of and experience securing IoT devices and platforms.
• Knowledge of security controls related to IaaS, PaaS, and SaaS.
• CISSP or ability to pass exam(s) within 90 days.

Qualifications: