Principal Security Engineer - GCP Cloud Security Architect - job 1 of 2

About Us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

Target is one of the world’s most recognized brands and one of America’s leading retailers. But behind the brand our guests love, is a culture of continual innovation and right now, we are up to big things! Target’s security team is a place where innovation happens daily. Interested in a culture that combines ongoing learning, engineering excellence, and stellar outcomes? We are too – that’s why we work here. Join our team to improve Target’s security and move the business forward. 

As a Principal Security Engineer/Architect, you’ll collaborate with technical and leadership teams across all of Target Tech to ensure that systems are designed and built securely. You will identify relevant security risks, develop appropriate mitigation strategies, integrate security functions and controls into the overall system architecture, evaluate and provide feedback on proposed architectures, and design secure architecture. This role is highly technical and you will bring a deep understanding of security risks, controls, mitigations, and standards to a collaborative and advisory role - helping the rest of the enterprise as new platforms and systems are built and as existing ones are modified over time. 

Beyond the deep expertise, you have great interpersonal skills: our Security Architects are called upon to collaborate across the enterprise and have exceptional communication skills that enable open and cooperative partnerships. 

You can expect to:

• Collaborate with system designers to integrate security requirements into the design phase of IT systems 

• Develop and maintain security architecture documentation - including security models, frameworks and diagrams 

• Ensure that security architecture aligns with the organization’s business objectives and regulatory requirements 
• Provide expertise on information security for complex systems and applications in cloud and on-prem environments 

• Understand security risks in order to identify potential vulnerabilities and threats 

• Develop risk mitigation strategies and recommend appropriate security controls 

• Design and implement security solutions, including firewalls, encryption protocols and access control mechanisms 

• Collaborate with development and operations teams to ensure secure creation and deployment of IT systems 

• Provide guidance on secure coding practices  

• Prioritize driving highly impactful changes that improve the business 

• Conduct full-stack architecture reviews of products and platforms 

• Design security reference architectures and create implementation/configuration guides   

• Provide expertise on creation and implementation of security controls with an emphasis on cloud technologies 

• Efficiently assess and communicate risk accurately while negotiating priorities with cross-domain stakeholders 

• Collaborate with engineering teams to perform advanced security analysis on complex cloud systems, identifying gaps while contributing to design solutions and security requirements 

About You:

• 4 year degree or equivalent work experience  

• 10+ years of hands-on security engineering and architecture with extensive knowledge of Cybersecurity domains including: Cloud Security, Networking Security, Information Protection, Identity Access Management (IAM), Automation and SIEM  
• Language agnostic programmer comfortable coding in many languages across different platforms, i.e.: Java, Python, Go, Scala, etc.

• Proven history of effectively utilizing a variety of security tools and technologies across diverse environments. Not be limited to specific vendors or solutions but possess the technical depth to comprehend and implement an end-to-end solution that aligns with our reference security architecture's requirements  

• Good understanding of security management workflows in large enterprise organizations and complex environments  

• Has a good understanding of the current threat landscape and the challenges that most organizations are facing  

• In-depth knowledge of security frameworks, standards, and best practices (i.e., NIST, ISO/IEC 27001)  

• Strong understanding of secure networking, cryptography and software development  

• Experience with security technologies such as firewalls, IDS/IPS and DLP

• Expertise in containerization technologies and tools (i.e. Kubernetes)

• Solid understanding of AI/ML fundamentals as well as VertexAI

• Excellent analytical, problem-solving and communication skills with strong presentation abilities  

• Demonstrated curiosity that seeks out cross-team collaboration opportunities as well as stays relevant with latest security technologies by self-directed learning