Description: About us:
As a Fortune 50 company with more than 350,000 team members worldwide, Target is an iconic brand and one of America's leading retailers.
Working at Target means the opportunity to help all families discover the joy of everyday life. Caring for our communities is woven into who we are, and we invest in the places we collectively live, work and play. We prioritize relationships, fuel and develop talent by creating growth opportunities, and succeed as one Target team. At our core, our purpose is ingrained in who we are, what we value, and how we work. It's how we care, grow, and win together.
Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies-and the brightest people-to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely, and reliably from the inside out.
As a Senior Cybersecurity Analyst in the BISO organization you will work closely with product teams on key business initiatives to identify and manage risk. You will be accountable for risk identification on these initiatives end-to-end giving you a unique perspective on the work driving the business.
You will engage subject matter experts and peers to support recommendations that balance business and cyber risk. Your circle of influence will include Team Members in a variety of roles and at all levels of the organization from Product Owners and Engineers to Directors, VPs and Cybersecurity leaders will rely on your expertise and clear communication to inform their decisions.
The Senior Analyst will also support product teams as they work to remediate security vulnerabilities and manage their product lifecycle in a secure way. You will support adoption and use of security tooling and your influence will promote a strong security culture and partnership with Cybersecurity. Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.
Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.
- Consult on key business initiatives ensuring comprehensive end-to-end risk identification and management
- Clearly articulate and communicate key initiative goals, value, security risks, and expectations
- Promote awareness of business initiatives and their associated risks within the Cybersecurity organization
- When necessary, present important security concerns to leadership for decision making
- Influence the use of secure patterns and consult on initiatives where their use may not be possible or preferred.
- Interpret security policy, procedure, and regulatory requirements to maintain compliance. Involve compliance specific SMEs to support these discussions
- Advise teams regarding remediation of vulnerability, configuration, and other security deficiencies
- Coach product teams to mature their understanding and use of security tools and information
Americans with Disabilities Act (ADA)
- 3+ years in a technical role within cybersecurity or as an engineer on a product team with a security focus
- Broad foundational knowledge in many cybersecurity domains with priority given to security risk management and application security
- Advanced knowledge in at least one cybersecurity domain
- Intermediate-to-advanced working knowledge of Cloud technologies and their use in a large-scale enterprise environment
- Proven problem-solving skills and experience
- Ability to build relationships, influence without authority and drive outcomes across multiple stakeholder groups
- Strong understanding of IT risk, information security fundamentals, defense-in-depth practices, IT risk assessment fundamentals and risk management practices
- Ability to prioritize work and adapt to changing needs in a dynamic work environment
- Ability to provide clear oral and written communication to a variety of business and technical audiences
- Demonstrated technical proficiency in applying cybersecurity controls
- Working knowledge of: Cloud computing architectures and associated security designs and challenges | Common web application development technologies along with tools and processes to enable teams to develop safely | Common open-source libraries and technologies (e.g. Kafka, Kubernetes) and how to effectively harden them
- Bachelor's degree in computer Science, Information Systems, Engineering, or related discipline preferred
- Security related certifications are preferred including ISC(2) CISSP and ISACA CRISC
Target will provide reasonable accommodations (such as a qualified sign language interpreter or other personal assistance) with the application process upon your request as required to comply with applicable laws. If you have a disability and require assistance in this application process, please visit your nearest Target store or Distribution Center or reach out to Guest Services at 1-800-440-0680 for additional information.