What you'd actually do

Lead and evolve enterprise threat detection capabilities to identify malicious activity across on-premises, hybrid, and cloud environments.

Lead the Threat Detection Operations function, including design, development, and continuous improvement of detection capabilities.

Oversee security logging coverage and data pipeline integrity to ensure reliable and comprehensive threat visibility.

Drive the development, tuning, and lifecycle management of detection use cases aligned to enterprise risk priorities and emerging threats.

Partner closely with Incident Response, Threat Intelligence, Insider Threat, Security Engineering, and technology teams to operationalize intelligence and improve detection outcomes.

Skills

Required

cybersecurity experience
threat detection
security monitoring
incident response
cyber defense operations
leadership experience
SIEM
SOAR
EDR/XDR
cloud-native detection capabilities
telemetry pipelines
problem-solving skills
cross-functional partnerships
communication skills
metrics and performance indicators

The pay range is $168,000.00 - $303,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

About Us

Target is an iconic brand, a Fortune 50 company, and one of America’s leading retailers.

Target as a tech company? Absolutely. We’re the behind-the-scenes powerhouse that fuels Target’s passion and commitment to cutting-edge innovation. We anchor every facet of one of the world’s best-loved retailers with a strong technology framework that relies on the latest tools and technologies—and the brightest people—to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. Use your skills, experience, and talents as a member of a world-class cyber security team!

About the Role

As the Director of Cybersecurity – Threat Detection Operations, you will lead the vision, strategy, and execution of Target’s enterprise threat detection capabilities. This role oversees the people, technologies, and processes responsible for detecting cybersecurity threats across Target’s environment.

You will evolve Target’s detection engineering capabilities to ensure timely, high-confidence identification of malicious activity. This includes expanding detection coverage, improving signal quality, operationalizing threat intelligence, and enabling rapid investigation and response in partnership with our CSIRT team.

You will establish operational standards, foster a culture of continuous improvement, and ensure detection capabilities align with enterprise risk priorities. This leader works closely with CSIRT, Threat Intelligence, Insider Threat, Security Engineering, and broader Target Tech teams to strengthen visibility, automate workflows, and enhance Target’s overall defensive posture.

You will:

Lead and evolve enterprise threat detection capabilities to identify malicious activity across on-premises, hybrid, and cloud environments.
Lead the Threat Detection Operations function, including design, development, and continuous improvement of detection capabilities.
Oversee security logging coverage and data pipeline integrity to ensure reliable and comprehensive threat visibility.
Drive the development, tuning, and lifecycle management of detection use cases aligned to enterprise risk priorities and emerging threats.
Partner closely with Incident Response, Threat Intelligence, Insider Threat, Security Engineering, and technology teams to operationalize intelligence and improve detection outcomes.
Establish operational metrics and performance standards that measure detection coverage and program maturity.
Foster a culture of continuous improvement, innovation, and collaboration.
Champion automation and orchestration to scale detection operations and increase engineering efficiency.
Serve as a strategic advisor to cybersecurity and technology leadership on detection strategy, threat trends, and defensive readiness.

Responsibilities

Develop and execute long-term strategy for the Threat Detection Operations program, aligning detection capabilities to evolving threats and enterprise risk priorities.
Drive the lifecycle management of detection use cases and establish standards for logging, data onboarding, and quality controls that support effective detection.
Identify and address detection gaps to improve visibility across cloud, on-premises, and hybrid environments.
Build strong stakeholder relationships and influence product and technology roadmaps to improve security posture.
Lead cross-functional initiatives with cybersecurity, engineering, and business teams.
Provide coaching, performance management, and career development for a team of engineers.
Communicate technical risks, issues, and strategies to technical and non-technical audiences, including senior leadership.
Stay current on emerging threats, technologies, and best practices to continuously improve program capabilities.

About You

8+ years of cybersecurity experience with expertise in threat detection, security monitoring, incident response, or cyber defense operations.
Proven leadership experience building, scaling, and developing high-performing cybersecurity teams or functions.
Hands-on knowledge of SIEM, SOAR, EDR/XDR, cloud-native detection capabilities, and telemetry pipelines across hybrid environments.
Strong problem-solving skills with ability to resolve complex technical issues with minimal assistance.
Demonstrated ability to build strong cross-functional partnerships and influence enterprise strategy.
Ability to communicate technical topics effectively in training, mentorship, and executive settings.
Experience establishing metrics, SLAs, and performance indicators to measure detection coverage and program maturity
Strong written and verbal communication skills, with the ability to present complex security concepts clearly to varied audiences.
Self-directed learner who stays current with evolving cybersecurity trends and threats.

Work Arrangement:

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_F

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.