Lead Engineer - Product/Application Security Engineering

Description:

Target is seeking a self-driven security technologists to drive our Product Security Engineering efforts. In this role, you will work stakeholders and technology teams to design and deliver software security products capabilities and services to Target’s global developer community.

Key responsibilities of this role include, but are not limited to:

  • Take ownership of and drive our application security testing services.
  • As platform/technology engineering owner, be accountable for all aspects of solution – design, implementation, lifecycle, scale/expansion, etc.
  • Enable Target’s developer community by designing and building a CI/CD testing pipeline for DevOps enablement.
  • Work with operations teams to support Product Security maturity for business critical products, stay on top of agile development teams’ needs, and continue to mature the testing services and expanding capabilities.
  • Stay current with latest security trends and application attack vectors and techniques.
  • Continuously assess current technology footprint and market offerings, drive technology decisions, lead PoCs of new solutions/capabilities.

Desired experience/qualifications:

  • Demonstrated experience with designing and deployment of a self-service testing offering to a development community operating in an agile fashion.
  • Proven ability to work in a large, matrixed environment, supporting many customers with different needs requiring different technologies, all delivered as a full service offering.
  • Ability to work as part of a global team, successfully driving results with a team based on primarily virtual interaction.
  • Expert level with static (e.g. HP Fortify, KlocWork, Checkmarx, Whitehat Source, Findbugs-Security, SonarQube, etc.) and dynamic application security (Portswigger Burp, HP WebInspect, IBM AppScan, Acunetix, Nikto, W3AF, ZAP, etc.) , penetration testing and vulnerability assessment tools (Nessus, Onapsis, Qualys guard, Nexpose, etc.).
  • Previous experience with full stack ownership and deployment of technology, from HW through full application and service delivery.
  • Team player; demonstrated ability to develop positive relationships and effectively communicate with product managers and architects, software and systems engineers, quality assurance and IT operations staff.
  • Ability to coach, mentor and support development of security engineering staff.
  • Strong understanding of software and application security issues and risks.
  • 3-5 years software development experience

Requirements

  • BA/BS or equivalent experience
  • 8-10 years total work experience
  • Has in-depth knowledge of state-of-the art engineering technical approaches in design, build, testing, debugging problems as required by domain
  • Maintains technical knowledge within areas of expertise
  • Stays current with new and evolving technologies via formal training and self-directed education

Back to top