Lead Cybersecurity, BISOApply Now Location: 7000 Target Pkwy N, Brooklyn Park, Minnesota, United States, 55445-4301; job id: R0000186388
job family: Cybersecurity
schedule: Full time
Target is an iconic brand, a Fortune 50 company and one of America’s leading retailers.
Target as a tech company? Absolutely. We’re the behind-the-scenes powerhouse that fuels Target’s passion and commitment to cutting-edge innovation. We anchor every facet of one of the world’s best-loved retailers with a strong technology framework that relies on the latest tools and technologies—and the brightest people—to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out.
As a Lead Cybersecurity Analyst in the BISO organization you will work closely with product teams on key business initiatives to identify and manage risk. You will be accountable for risk identification on these initiatives end-to-end giving you a unique perspective on the work driving the business. You will engage subject matter experts and peers to support recommendations that balance business and cyber risk. Your circle of influence will include Team Members in a variety of roles and at all levels of the organization from Product Owners and Engineers to Directors and VPs. Cyber leaders will rely on your expertise and clear communication to inform their decisions.
The Lead Analyst will also support product teams as they work to remediate security vulnerabilities and manage their product lifecycle in a secure way. You will support adoption and use of security tooling and your influence will promote a strong security culture and partnership with Cybersecurity.
As a Lead Analyst you will perform the above with a great deal of independence and anticipate obstacles. You will use your experience and knowledge to coach and mentor others. You will lead and participate in cross functional teams working to improve Cybersecurity capabilities, processes, and policy. Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.
Consult on key business initiatives ensuring comprehensive end-to-end risk identification and management
Clearly articulate and communicate key initiative goals, value, security risks, and expectations
Promote awareness of business initiatives and their associated risks within the Cybersecurity organization
When necessary, present important security concerns to leadership for decision making
Influence the use of secure patterns and consult on initiatives where their use may not be possible or preferred. Support the development of new secure patterns.
Interpret security policy, procedure, and regulatory requirements to maintain compliance. Involve compliance specific SMEs to support these discussions. Influence updates to policy where appropriate
Offer advice to product teams regarding remediation of vulnerability, configuration, and other security deficiencies. Identify themes in order to improve guidance and training.
Offer recommendations and make improvements to security guidance, training, and awareness materials
Coach product teams to mature their understanding and use of security tools and information
Coach and mentor less experienced analysts and engineers
5+ years in a technical role within cybersecurity or as an engineer on a product team with a significant security focus
Advanced knowledge and skill in security risk management and application security
Expert knowledge and skill in at least one cybersecurity domain
Proven problem-solving skills and experience
Ability to build relationships, influence without authority and drive outcomes across multiple stakeholder groups
Strong understanding of IT risk, information security fundamentals, defense-in-depth practices, IT risk assessment fundamentals and risk management practices
Ability to prioritize work and adapt to changing needs in a dynamic work environment
Ability to provide clear oral and written communication to a variety of business and technical audiences
Demonstrated technical proficiency in applying cybersecurity controls
Working knowledge of:
Cloud computing architectures and associated security designs and challenges
Common web application development technologies along with tools and processes to enable teams to develop safely
Common open source libraries and technologies (e.g. Kafka, Kubernetes) and how to effectively harden them
Bachelor’s degree in computer Science, Information Systems, Engineering or related discipline preferred
Security related certifications are desirable. Specialized security certifications like EC-Council CEH or CPENT, ISC(2) CSSLP or CCSP are preferred in addition to general certifications like ISC(2) CISSP and ISACA CRISC
Americans with Disabilities Act (ADA)
Target will provide reasonable accommodations (such as a qualified sign language interpreter or other personal assistance) with the application process upon your request as required to comply with applicable laws. If you have a disability and require assistance in this application process, please visit your nearest Target store or Distribution Center or reach out to Guest Services at 1-800-440-0680 for additional information.
What’s it like to work here? We’re asked that a lot. Target respects and values the individuality of all team members and guests—and we have lots of fun in all that we do.experience our culture