Director Cybersecurity BISO

Pay is based on several factors which vary based on include labor markets and in some instancesmay include education work experience and addition to your pay Target cares about and invests in you as a team member so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs which may include medical vision dental life insurance and more to help you and your family take care of your whole benefits for eligible team members include 401(k) employee discount short term disability long term disability paid sick leave paid national holidays and paid competitive benefits from financial and education to well-being and beyond at US AS A DIRECTOR OF CYBERSECURITY - BUSINESS INFORMATION SECURITY OFFICE (BISO)

About Us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

Targets security team is a place where innovation happens daily. Interested in a culture that combines ongoing learning security excellence and stellar outcomes We are too thatswhy we work here. Join our team to improve Targets security and move the business forward.

As a Director Business Information Security Office (BISO)youll collaborate with technical and leadership teams across all of Target Tech to lead a team of analysts to ensure that systems are designed and built will lead your team toidentifyrelevant security risks developappropriate mitigationstrategies integrate security functions and controls intosystem architecturesandevaluate and provide feedback on proposeddesigns.

Youwillbringadeepunderstanding of security risks controls mitigations and standards to a collaborative and advisory role helping the rest of the enterprise as new platforms and systems are built and as existing ones aremodifiedover time. This role is highly collaborative and advisory requiring strong technicalexpertise excellent communication skills and proven leadership in large-scale environments. You will partner closely with product engineering architecture and enterprise security teams to ensure security is integrated into platforms and products as they are designed built andoperated. The Director bringsdeepunderstanding of security architecture controls and design tradeoffs enabling effectivechallenge guidance and influence across complex initiatives. This role exercises influence through partnership risk insight and advisory leadership rather than direct ownership of technology decisions.

Expect to Lead Effective Security Decision Making:

• Assistyour team in driving technical decision making adhering to Target platform architecture and other enterprise considerations.
• Establish good stakeholder communication work closely with partner teams and help drive security requirements while being a strong advocate of efficient and secure coding practices across engineers.
• Collaborate with system designers to integrate security requirements into the design phase of IT systems
• Develop andmaintainsecurityguidance documentation including security models frameworks and diagrams
• Ensure that securitydecisions and guidancealign with the organizations businessobjectivesand regulatory requirements
• Understand security risksin order toidentifypotential vulnerabilities and threats
• Develop risk mitigation strategies and recommendappropriate securitycontrols
• Understand and recommendsecurity solutions including firewalls encryption protocols and access control mechanisms
• Collaborate with development and operations teams to ensure secure creation and deployment of IT systems
• Provide guidance on secure coding practices
• Prioritize driving highly impactful changes that improve the business
• Conduct full-stack architecture reviews of products and platforms
• Provideexpertiseon information security for complex systems and applications in cloud and on-prem environments
• Design security reference architectures and create implementation/configuration guides
• Provideexpertiseon creation and implementation of security controls

Lead and Develop the BISO Team:

• Build manage and mentor a high-performing team of BISO analysts
• Provide leadership coaching performance management and career development of the team
• Establish operating models engagement patterns and success metrics for the BISO function

Serve as a Strategic Security Partner:

• Act asa keysecurity advisor to senior technology and business leaders across Target Tech and the enterprise
• Translate complex technical security risks intoclearbusiness context enabling informed decision-making
• Establish strong stakeholder relationships and foster trust-based partnerships across Target Tech and the business
• Partner with senior leaders to provide security and riskperspectiveinto technology and business strategies roadmaps and investment decisions

Drive Risk-Based Security Outcomes:

• Oversee risk identification assessment and prioritization for products platforms and business initiatives
• Guidemitigation strategies in partnership with architecture engineering and enterprise security teams
• Ensure security considerations are integrated early into product and platform design discussions
• Help define socialize and operationalize enterprise risk tolerance by ensuring risk decisions are evaluated consistently and aligned with leadership expectations across the business
• Ensure risk management plans are clearly documented actionable and accurately reflect the organizations risk tolerance enabling transparent decision-making and consistent execution

Collaborate Across Enterprise Security:

• Partner closely with Security Architecture Engineering Cyber Risk Incident Response and other enterprisecybersecurity teams
• Provide business and product context during security incidents and critical risk events
• Advocate for systemic improvements to security controls tooling guidance and processes based onobservedrisk patterns
• Help elevate security awareness fluency and decision-making capability across Target Tech by influencing standards patterns and guidance that enable teams to manage risk effectively
• Partner with audit legal privacy and compliance teams to provide business and technology context for risk assessments regulatory activities and external engagements

Influence at Scale:

• Participate in governance forums architecture reviews and leadership discussions as a security representative
• Prioritize driving highly impactful changes that improve security outcomes while enabling business agility
• Communicate effectively with technical and non-technical audiences including executive leadership ensuring cybersecurity is informed of business priorities and initiatives while keeping leaders informed engaged and activelysolicitingtheir input to ensure alignment on risk tolerance and security tradeoffs

Core responsibilities of this job are described within this job duties may change at any time due to business needs.

About You:

• 4-year degree or equivalentworkexperience
• 10 years of experience in both technology and cybersecurity roles with broad exposure across multiple technology and security domains.
• 4 years ofpeopleleadership experience managing teams and driving outcomes in complex organizations
• Strong understanding of application and platform security concepts cloud and on-prem architectures identity data protection compliance and secure software development practices
• Demonstrated ability to assess risk influence decisions andoperateeffectively in a large enterprise environment
• Good understanding of security management workflows in large enterprise organizations and complex environments
• Excellent written and verbal communication skills with strong presentation abilities
• Understanding of network security cryptography and secure software development
• Experience with security technologies such as firewalls IDS/IPS SIEM and DLP
• Excellent analytical problem-solving and communication skills

Preferred:

• Experience in retail or large consumer-facing enterprises
• Prior experience in a BISO security leadership product security or architecture-adjacent role
• Working knowledge of security frameworks and standards (e.g. NIST ISO/IEC 27001)
• Familiarity with modern technology stacks including cloud-native platforms APIs data platforms and emerging technologies (e.g. AI/ML)
• Demonstrated curiosity continuous learning mindset and ability to collaborate across teams and domains

This position willoperateas a Hybrid/Flex for Your Day work arrangement based on Targets needs. A Hybrid/Flex for Your Day arrangement means the team members core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually depending upon what your role team and tasks require for that day.

Benefits Eligibility

In compliance with state and federal laws Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process please reach out to Non-accommodation-related requests such as application follow-ups or technical issues will not be addressed through this channel.