Lead Payment Security Analyst

Brooklyn Park, Minnesota
Nov 17, 2021
Dec 16, 2021
Employment Status
Full Time

About us:
Target is an iconic brand, a Fortune 50 company and one of America's leading retailers. Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies-and the brightest people-to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out.

About you:

The Lead Payment Security Analyst will be responsible for ensuring the PCI DSS compliance of the largest and most complex payment card systems and processes across Target, and leading the overall assessment effort for a large Cardholder Data Environment (CDE) at Target.

We're looking for a team player who will excel in partnering with other business, technology, and security experts across the company to assess the people, process, and technology that support Target's payment card security architecture.

Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Lead Payment Security Analyst, you'll take the lead as you...
  • Serve a as a lead project manager or top technical subject matter resource to drive PCI DSS compliance
  • Consult on complex payment security and PCI DSS compliance considerations
  • Understand and assess complex branded payment acceptance and card servicing processes
  • Develop and consult on remediation requirements for applications, servers, databases, payment devices, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices to ensure PCI DSS compliance
  • Drive necessary and complex system and process updates
  • Answer prioritization, technical, or PCI DSS interpretation questions from the PCI DSS assessment teams
  • Interact directly with Target's PCI DSS Qualified Security Assessor (QSA) on complex interpretation, implementation, and assessment questions
  • Work closely with cross-functional teams and develop strong liaison relationships
  • Stay current with new and evolving security topics and technologies via formal training and self-directed education
  • Willingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoring
  • Provide payment card security thought-leadership within the team and to the broader IT organization to promote and develop consistent technical build processes
  • Serve as a peer to the leaders of the PCI DSS assessment and consulting teams

  • Bachelor's degree
  • 5-7 years IT background; experience with payment card compliance or regulatory issues preferred
  • 3+ years prior experience supporting, a Level 1 or Level 2 organization's PCI DSS compliance effort, working with an ISA or QSA, or serving as a ISA or QSA
  • Experience with large scale project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)
  • Advanced knowledge of all requirements of the PCI DSS v3.x, other significant PCI SSC guidance, and card security and compliance requirements from the major card brands
  • Advanced knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policy
  • Able to scope, interpret and prioritize both application and network vulnerability test results
  • Ability to effectively communicate complex security issues to auditors, assessors and both technical and non-technical leaders.
  • Ability to identify problems, analyze data and present conclusions effectively
  • Strong verbal, written and presentations skills
  • Excellent PC skills (Excel, Word, Adobe, SharePoint)
  • Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferred
  • Cloud security or architecture experience preferred
  • EMV "Chip and PIN" and mobile payment experience preferred
  • Former PCI QSA with retail and card servicing experience preferred
  • Development experience a plus

Americans with Disabilities Act (ADA)

Target will provide reasonable accommodations (such as a qualified sign language interpreter or other personal assistance) with the application process upon your request as required to comply with applicable laws. If you have a disability and require assistance in this application process, please visit your nearest Target store or Distribution Center or reach out to Guest Services at 1-800-440-0680 for additional information.


Similar jobs

Similar jobs