Lead Engineer - Threat Detection Operations

Description:

  • Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods
  • Define and implement security detection use cases and cyber hunting exercises
  • Work directly with cyber threat intelligence analysts to convert intelligence into useful detection
  • Collaborate with incident response team to rapidly build detection rules as needed

Minimum Qualifications and Experience:

  • BA/BS in information technology, computer science, or related field OR commensurate experience
  • Familiarity with host and network forensics concepts
  • Ability to analyze packet captures (.pcap files)
  • Experience with Splunk, ArcSight, Logger, or another SIEM-like platform

Preferred Qualifications and Experience:

  • Experience writing queries using the Splunk Search Processing Language (SPL) or a comparable SIEM
  • Experience developing content in ArcSight
  • Ability to write Snort or Suricata Signatures
  • Comfort writing scripts in Python and/or PowerShell
  • Familiarity with application of “cyber kill chain” and “pyramid of pain” concepts
  • Demonstrated ability to analyze details of security events ranging from simple low-sophistication attacks to more advanced adversaries
  • Disk and memory forensics
  • Basic malware analysis
  • MS in information technology, computer science, network engineering, software engineering etc.

Meet Some of Target's Employees

Ashley M.

Technology Leadership Program

As part of the Technology Leadership Program, Ashley creates great programming tools and works on creating and perfecting Target’s text messaging API.

Levi G.

Principal Engineer, Engineering Practices Team

Levi and the DevOps Team are responsible for implementing the latest engineering practices such as continuous integration and deployment in new interactive products at Target.

