What you'd actually do

Review and validate AI-generated static and dynamic analysis results.

Analyze large sample sets and cluster malware into families and campaigns

Perform focused reversing on critical code paths (i.e. loaders, unpacking routines, injection logic)

Recognize common exploitation patterns (memory corruption, logic flaws, sandbox escapes)

Contribute to high-quality detection logic (YARA, behavioral rules, heuristics)

Skills

Required

4 year degree or equivalent experience
7+ years of software or security engineering experience preferably in malware labs, CTFs or with personal research projects
Demonstrated understanding of reverse engineering concepts (x86/x64, assembly, calling conventions)
Familiarity with common malware techniques (packing, persistence, process injection)
Demonstrated programming knowledge in C/C++ and Python
Familiarity with YARA or other detection frameworks
Experience with tools like Ghidra, IDA Pro, Binary Ninja or similar
Exposure to dynamic analysis (debugging, sandboxing, instrumentation)
Understanding of OS internals (Windows or Linux), including processes, memory, and system calls
Basic networking knowledge (protocols, common attack surfaces)
Ability to reason about unfamiliar code and derive behavior from partial information
Basic knowledge of exploitation concepts (i.e. buffer overflows, ROP)
Curiosity when things don’t match expectations—willingness to dig deeper and analyze
Comfort working with incomplete or noisy data at scale
Willingness to rely on automation without blindly trusting it
Ability to critically evaluate machine-generated analysis
Interest in how adversaries may evade or manipulate automated systems
Maintains technical knowledge within areas of expertise
Stays current with new and evolving technologies via formal training and self-directed education

The pay range is $132,000.00 - $238,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

JOIN TARGET CYBERSECURITY AS A LEAD MALWARE REVERSE ENGINEER

About us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

As a Lead Engineer - Malware Reverse Engineering you will join a team supporting teams across our Cyber Fusion Center (CFC). This Malware Analysis role is not centered on manually reversing every instruction or task, but instead investigating, researching and implanting new ways we can leverage AI-assisted tooling to triage samples, validate machine-generated analysis and investigate complex or evasive malware where regular automation falls short.

You will develop a strong foundation in reverse engineering while learning how to operate at high scale, analyze attacker tradecraft, think adversarial about both malware and analysis systems as well as translate reverse engineering insights into durable detections across the CFC.

What You will Work On: AI-Augmented Malware Analysis

Review and validate AI-generated static and dynamic analysis results.
Identify inaccuracies, gaps or adversarial manipulation in automated outputs
Refine analysis by guiding tools toward deeper behavioral understanding

Triage and Prioritization at Scale

Analyze large sample sets and cluster malware into families and campaigns
Distinguish commodity noise from high-impact or novel threats
Escalate edge cases requiring deeper manual investigation

Targeted Reverse Engineering

Perform focused reversing on critical code paths (i.e. loaders, unpacking routines, injection logic)
Analyze obfuscation, packing and anti-analysis techniques
Investigate unusual or non-standard execution environments (custom VMs, staged payloads)

Exploit Awareness and Analysis

Recognize common exploitation patterns (memory corruption, logic flaws, sandbox escapes)
Assist in reconstructing exploit chains and post-exploitation behavior
Support root-cause understanding for vulnerabilities observed in the wild

Detection Development

Contribute to high-quality detection logic (YARA, behavioral rules, heuristics)
Extract stable, meaningful indicators from reversed samples
Collaborate with detection engineers to ensure resilience against evasion

Tooling and Pipeline Interaction

Work with automated analysis pipelines (static, dynamic, emulation)
Assist in improving analysis workflows and signal quality
Leverage Python scripting to extend or customize tooling

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About you:

4 year degree or equivalent experience
7+ years of software or security engineering experience preferably in malware labs, CTFs or with personal research projects
Demonstrated understanding of reverse engineering concepts (x86/x64, assembly, calling conventions)
Familiarity with common malware techniques (packing, persistence, process injection)
Demonstrated programming knowledge in C/C++ and Python
Familiarity with YARA or other detection frameworks
Experience with tools like Ghidra, IDA Pro, Binary Ninja or similar
Exposure to dynamic analysis (debugging, sandboxing, instrumentation)
Understanding of OS internals (Windows or Linux), including processes, memory, and system calls
Basic networking knowledge (protocols, common attack surfaces)
Ability to reason about unfamiliar code and derive behavior from partial information
Basic knowledge of exploitation concepts (i.e. buffer overflows, ROP)
Curiosity when things don’t match expectations—willingness to dig deeper and analyze
Comfort working with incomplete or noisy data at scale
Willingness to rely on automation without blindly trusting it
Ability to critically evaluate machine-generated analysis
Interest in how adversaries may evade or manipulate automated systems
Maintains technical knowledge within areas of expertise
Stays current with new and evolving technologies via formal training and self-directed education

This position may be considered for a Remote or Hybrid (known internally at Target as "Flex for Your Day") work arrangement based on Target's needs. A Remote work arrangement means the team member works full-time from home or an alternate location that's not a Target location, does not have a desk at a Target location and may travel to HQ up to 4 times a year. A Hybrid/Flex for Your Day work arrangement means the team member's core role may be performed either remote or onsite at a Target location depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_E

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.

Application deadline is : 06/18/2026