Lead Engineeer Threat Hunting & Countermeasures

Pay is based on several factors which vary based on include labor markets and in some instancesmay include education work experience and addition to your pay Target cares about and invests in you as a team member so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs which may include medical vision dental life insurance and more to help you and your family take care of your whole benefits for eligible team members include 401(k) employee discount short term disability long term disability paid sick leave paid national holidays and paid competitive benefits from financial and education to well-being and beyond at Us

Target is an iconic brand a Fortune 50 company and one of Americas leading retailers.

Target as a tech company Absolutely. Were the behind-the-scenes powerhouse that fuels Targets passion and commitment to cutting-edge innovation. We anchor every facet of one of the worlds best-loved retailers with a strong technology framework that relies on the latest tools and technologiesand the brightest peopleto deliver incredible value to guests online and in stores. Target Technology Services is on a mission to offer the systems tools and support that guests and team members need and deserve. We drive industry-leading technologies in support of every angle of the business and help ensure that Target operates smoothly securely and reliably from the inside out. Our high-performing teams balance independence with collaboration and we pride ourselves on being versatile agile and creative. Use your skills experience and talents as a member of a world-class cyber security team!

About the Role

As a Lead Engineer Threat Hunting and Countermeasures you will help advance Targets ability to detect and understand sophisticated threats by combining threat hunting expertise with strong data and analytical capabilities. This role is centered on proactive hypothesis-driven hunting but it is equally grounded in the ability to work at scale across large complex datasets to identify meaningful patterns anomalies and indicators of adversary behavior. You will apply statistical methods security analytics and machine learning techniques to transform hunting concepts into scalable repeatable detection strategies. Working across security detection engineering and intelligence functions you will investigate emerging threats develop countermeasures improve visibility and strengthen Targets overall defensive posture. This role is ideal for someone who is deeply technical analytically driven and excited to blend hands-on hunting with modern data science approaches in cyber defense.

Core Responsibilities

• Process and analyze large-scale security datasets using platforms such as BigQuery or similar data environments to identify behavioral patterns establish baselines and surface anomalous activity.
• Conduct structured hypothesis-driven threat hunts informed by threat intelligence adversary tradecraft and behavioral analytics.
• Apply statistical analysis anomaly detection and machine learning techniques to improve threat detection investigation and prioritization workflows.
• Design develop operationalize and tune production-ready detections including data-driven and machine learning-based approaches to identify novel or evasive threats.
• Build and enhance scalable analytics and detection pipelines in partnership with detection engineering data engineering and platform teams.
• Investigate emerging threats adversary techniques and security incidents to refine hunt methodologies and detection strategies.
• Collaborate with incident response detection engineering cyber threat intelligence and other security partners to validate findings and improve security coverage.
• Partner with red and blue teams to test detections strengthen countermeasures and expand visibility across the enterprise.
• Contribute to threat modeling and adversary research to continuously improve threat hunting practices and defensive capabilities.

Required Skills

• 4-year degree in cybersecurity computer science data science or a related field or equivalent practical experience.
• 2 years of experience developing detections informed by threat intelligence adversary behaviors and/or data science and machine learning techniques.
• Experience processing and analyzing large-scale datasets using platforms such as BigQuery Snowflake Databricks or similar technologies.
• Strong data engineering fundamentals including building and maintaining data pipelines (e.g. ETL workflows streaming or batch processing).
• Experience applying data science and machine learning techniques (e.g. anomaly detection classification clustering behavioral modeling) to cybersecurity problems.
• Experience developing deploying and tuning production-ready detections using statistical or machine learningbased approaches.
• Strong familiarity with SIEM platforms EDR solutions and security data analytics.
• Experience scripting (e.g. Python PowerShell Bash) to automate security tasks and enhance threat hunting workflows.
• Deep understanding of adversary tactics techniques and procedures (TTPs) and frameworks such as MITRE ATT&CK and the Cyber Kill Chain.
• Strong analytical and problem-solving skills with the ability to interpret large datasets and identify malicious activity.
• Strong communication skills with the ability to navigate ambiguity and collaborate effectively across security teams.

Desired Skills (not required but a plus):

• Experience developing deploying and tuning production-ready detections using statistical or machine learningbased approaches.
• Experience with deception techniques honeytokens or other adversary engagement strategies.
• Background in malware analysis reverse engineering exploit development digital forensics or network security monitoring.
• Experience applying LLMs to security use cases (e.g. log analysis alert triage enrichment or detection augmentation).
• Experience with feature engineering for security telemetry or graph-based threat detection.
• Relevant certifications such as GIAC Machine Learning Engineer (GMLE) GREM GCFA or similar advanced cybersecurity or data science credentials.

Benefits Eligibility

In compliance with state and federal laws Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process please reach out to Non-accommodation-related requests such as application follow-ups or technical issues will not be addressed through this channel.