What you'd actually do

Provide subject-matter expertise in SOX IT risks and controls (access, change management, and operations)

Conduct in-depth process assessments and technical testing of key IT controls

Support onboarding of new applications and technology teams to the SOX program

Advise on design of IT controls and actions to reduce information security risks

Advise on remediation and perform impact assessments when IT deficiencies are identified

Skills

Required

5+ years of information security or other relevant experience
In-depth knowledge and experience in SOX programs and application of ITGC
In-depth knowledge and experience testing the effectiveness of controls
Ability to identify problems, analyze data and present conclusions
Ability to lead down, across, and up in order to influence desired outcomes

Nice to have

Bachelor's degree
Relevant certifications like CISA, CISSP, CISM
Knowledge of cloud technology and security controls
Knowledge of operating system security (ex. Windows/Linux) and databases (ex. Mongo, Postgres)
Experience in agile teams and modern technologies (ex. microservice architecture)
Strong verbal, written and presentations skills
Ability to navigate ambiguity and develop trusted business relationships
Knowledge of information security frameworks such as ISO, HiTrust, or PCI

The pay range is $88,000.00 - $158,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

About us:

Target is an iconic brand, a Fortune 50 company and one of America’s leading retailers.

Target as a tech company? Absolutely. We’re the behind-the-scenes powerhouse that fuels Target’s passion and commitment to cutting-edge innovation. We anchor every facet of one of the world’s best-loved retailers with a strong technology framework that relies on the latest tools and technologies—and the brightest people—to deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems, tools and support that guests and team members need and deserve. Our high-performing teams balance independence with collaboration, and we pride ourselves on being versatile, agile and creative. We drive industry-leading technologies in support of every angle of the business, and help ensure that Target operates smoothly, securely and reliably from the inside out.

SOX IT is a team of experienced Cybersecurity professionals that serve a critical function in maintaining shareholder confidence in Target’s financial reporting. It achieves this by ensuring systems that process financial transactions are well-controlled and meet SOX IT General Controls requirements. It has the exciting challenge of evolving with Target’s rapidly changing technology environment to have the right controls applied to the right systems at the right time. This involves understanding changes occurring across Target’s environment and taking proactive action to respond to those changes.

SOX IT’s core responsibilities also involve onboarding new applications, advising on controls, conducting ongoing testing to monitor compliance, support annual audit activities, and educating technology teams. Deep business and technical expertise are foundational to the team as it scopes financial processes and designs compliant patterns in a microservice environment. Success of the program relies on maintaining trusted partnerships with our technology teams, business teams, internal auditors, and external auditors.

As a member of SOX IT, you will play a key role in maintaining Target’s SOX compliance. It will challenge you to quickly learn new technologies and processes, cultivate partnerships across the organization, critically think through risks and controls, assess effectiveness of those controls, and influence others to take action. Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About you:

Provide subject-matter expertise in SOX IT risks and controls (access, change management, and operations)
Conduct in-depth process assessments and technical testing of key IT controls
Support onboarding of new applications and technology teams to the SOX program
Advise on design of IT controls and actions to reduce information security risks
Advise on remediation and perform impact assessments when IT deficiencies are identified
Develop trusted relationships with key stakeholders (tech/business, internal audit, external audit)
Summarize and report key risks to Cybersecurity leadership
Identify innovative opportunities to continuously mature the program and the value it delivers to the organization
Continuously develop your technical skills to align with Target’s evolving technology environment
Stay current with new and evolving security topics, technologies, and requirements via formal training and self-directed education

Desired skills and experiences include:

Bachelor's degree
5+ years of information security or other relevant experience
Relevant certifications like CISA, CISSP, CISM
In-depth knowledge and experience in SOX programs and application of ITGC
Knowledge of cloud technology and security controls.
Knowledge of operating system security (ex. Windows/Linux) and databases (ex. Mongo, Postgres).
In-depth knowledge and experience testing the effectiveness of controls
Experience in agile teams and modern technologies (ex. microservice architecture)
Strong verbal, written and presentations skills
Ability to navigate ambiguity and develop trusted business relationships
Ability to identify problems, analyze data and present conclusions
Ability to lead down, across, and up in order to influence desired outcomes
Knowledge of information security frameworks such as ISO, HiTrust, or PCI is preferred

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_D

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.