What you'd actually do

Use your technology acumen to apply and maintain knowledge of current and emerging technologies within specialized areas of the technology domain

Design, build, and enhance internal applications, services, and workflows that support insider risk detection, user risk assessment, and incident response operations

Help mature and become the subject matter expert for an internally developed UEBA capability, including detection workflows, enrichment, scoring, and analyst-facing investigation experiences

Contribute across the broader Incident Response Engineering portfolio, including SOAR, artifact collection, and related internal platforms

Evaluate new technologies and participate in decision-making, accounting for factors such as viability within Target’s technical environment, maintainability, and cost of ownership

Skills

Required

4 year degree or equivalent experience
5+ years of software development experience with at least one full cycle implementation from requirement to production
Strong problem solving and thought partnership skills
Demonstrated sense of ownership and the ability to work with a limited set of requirements
Expertise in frontend and backend development
Expertise in JavaScript or TypeScript, React, and Python
Experience designing and integrating REST APIs and web-based services
Experience building internal applications, workflow systems, or analyst-facing tools
Ability to navigate ambiguity and contribute across multiple Incident Response Engineering tools and platforms

Nice to have

Experience with SOAR platforms or security automation tools
Experience with UEBA, insider risk, behavioral analytics, or detection engineering
Familiarity with PostgreSQL or similar relational databases
Familiarity with identity and access patterns, including RBAC and Active Directory / LDAP integrations
Familiarity with data pipelines or data-processing workflows

The pay range is $132,000.00 - $238,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

About us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

JOIN TARGET CYBERSECURITY AS A LEAD ENGINEER – INCIDENT RESPONSE ENGINEERING

As a Lead Engineer, you serve as the technical anchor for the engineering team that supports the product. You help set the direction for application architecture and influence implementation across the team. You can distill abstract architecture into concrete design and guide others in building robust and scalable systems. You demonstrate deep expertise in applying software engineering patterns to solve complex technical problems. You are an expert programmer who applies your skills in developing the product while also influencing fellow engineers through software design proposals, implementation feedback, and technical coaching. You show strong problem-solving skills, help the team triage operational issues, and use your expertise to eliminate repeat occurrences.

We are looking for a highly skilled and self-motivated Lead Engineer to support the Incident Response Engineering team, with an initial focus on an internally developed user and entity behavior analytics capability used for insider risk detection and user risk assessment. You will help mature and expand the tooling that enables security teams to identify risky behavior, investigate users, and respond more effectively using behavioral signals, scoring, and workflow-driven analysis. You will work closely with end users to create innovative solutions that bridge the gap between security operations needs and practical engineering outcomes, while also serving as a key engineering leader across broader Incident Response Engineering tools and platforms, including SOAR and artifact collection. Core responsibilities of this job are described within this job description.

As a Lead Engineer, you’ll take the lead as you…

Use your technology acumen to apply and maintain knowledge of current and emerging technologies within specialized areas of the technology domain
Design, build, and enhance internal applications, services, and workflows that support insider risk detection, user risk assessment, and incident response operations
Help mature and become the subject matter expert for an internally developed UEBA capability, including detection workflows, enrichment, scoring, and analyst-facing investigation experiences
Contribute across the broader Incident Response Engineering portfolio, including SOAR, artifact collection, and related internal platforms
Evaluate new technologies and participate in decision-making, accounting for factors such as viability within Target’s technical environment, maintainability, and cost of ownership
Lead design, code review, testing, debugging, and implementation activities at the application level
Partner with engineers, analysts, and cross-functional teams to translate operational needs into scalable technical solutions
Support data pipeline and workflow capabilities that improve data visibility, operational effectiveness, and coverage for current tooling gaps
Provide technical guidance to other engineers and help resolve complex operational and engineering issues through durable solutions

About you:

4 year degree or equivalent experience
5+ years of software development experience with at least one full cycle implementation from requirement to production
Strong problem solving and thought partnership skills
Demonstrated sense of ownership and the ability to work with a limited set of requirements
Expertise in frontend and backend development
Expertise in JavaScript or TypeScript, React, and Python
Experience designing and integrating REST APIs and web-based services
Experience building internal applications, workflow systems, or analyst-facing tools
Experience with SOAR platforms or security automation tools preferred
Experience with UEBA, insider risk, behavioral analytics, or detection engineering preferred
Familiarity with PostgreSQL or similar relational databases preferred
Familiarity with identity and access patterns, including RBAC and Active Directory / LDAP integrations, preferred
Familiarity with data pipelines or data-processing workflows is a strong plus
Strong communication and collaboration skills
Ability to navigate ambiguity and contribute across multiple Incident Response Engineering tools and platforms

Work Arrangement:

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_E

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.