Lead Information Security Architect - BISO

Description:
LEAD INFO SECURITY BISO ANALYST / ARCHITECT

About us:
Target is an iconic brand, a Fortune 50 company and one of America's leading retailers.

Target as a tech company? Absolutely. We're the behind-the-scenes powerhouse that fuels Target's passion and commitment to cutting-edge innovation. We anchor every facet of one of the world's best-loved retailers with a strong technology framework that relies on the latest tools and technologies-and the brightest people-to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out.

As BISO Lead for Corporate Systems you'll...

  • Act as point of contact to executive leadership for identifying, managing, and driving remediation of IT risk for Corporate Systems.
  • Provide guidance to Corporate Systems product teams to enable them to design, develop, and deploy solutions that align with the business, security, and compliance objectives of Target.
  • Reduce risk by championing sound control principles to strengthen the security of Target's Corporate Systems.
  • Monitor and review security metrics to measure security effectiveness.
  • Ensure that appropriate stakeholders are held accountable as to the state of their controls and that they understand their responsibilities regarding risk mitigation and remediation.
  • Identify and escalate significant risks to senior leadership for information and/or action.
  • Facilitate, attend, participate in, and/or drive internal/external meetings and risk committees.
  • Provide updates to business groups, partners, and information security leadership through established communication channels.
  • Engage with product teams and various levels of leadership to ensure risks are addressed in a timely manner.
  • Provide feedback to other security teams in order to align Target's Information Security investments with the needs of the business.
  • Influence and support Target Information Security policies.


Required Qualifications

  • Ability to provide effective leadership and subject matter expertise on IT Risk topics to senior leadership, technology, and business partners.
  • Demonstrated experience communicating effectively at different levels of the organization, and with various technical and business audiences.
  • Capable of navigating ambiguity and conflicting priorities and developing working business relationships based on trust.
  • Ability to lead down, across, and up in order to persuade and/or negotiate desired outcomes.
  • Demonstrated ability to build and maintain collaborative relationships with partners, clients, and peers.
  • Excellent problem-solving abilities and analytical skills.
  • Ability to see the big picture with high attention to critical details.
  • Ability to think "out of the box" to identify and create innovative new enterprise patterns.
  • 5+ years of Information Technology and/or Information Security experience.
  • BA/BS in Information Technology, Information Security, or a related discipline or equivalent experience and knowledge of security domains.


Desired Qualifications (one or more of the following)

  • Knowledge of open source deployment and development security (e.g. CI/CD pipelines and layering in security), API security, SaaS security, and/or network security.
  • 2+ years of consultancy, advisory, or business-facing information security experience.
  • Development experience with open-source tools and platforms or practical knowledge of development / SecDLC.
  • Experience working with HR, Finance/ERP, Content & Collaboration, and/or Process Automation business teams.
  • Knowledge of and experience securing IoT devices and platforms.
  • Knowledge of security controls related to IaaS, PaaS, and SaaS.
  • CISSP or ability to pass exam(s) within 90 days.


Back to top