Sr Engineer Malware Reverse Engineering (AI-Augmented Analysis)

Pay is based on several factors which vary based on include labor markets and in some instancesmay include education work experience and addition to your pay Target cares about and invests in you as a team member so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs which may include medical vision dental life insurance and more to help you and your family take care of your whole benefits for eligible team members include 401(k) employee discount short term disability long term disability paid sick leave paid national holidays and paid competitive benefits from financial and education to well-being and beyond at TARGET CYBERSECURITY AS A SR MALWARE REVERSE ENGINEER

About us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision tolife through our values and culture.Learn more about Target here.

As a Sr Engineer - Malware Reverse Engineering you will join a team supporting teams across our Cyber Fusion Center (CFC). This Malware Analysis role is not centered on manually reversing every instruction or task but instead investigating researching and implanting new ways we can leverage AI-assisted tooling to triage samples validate machine-generated analysis and investigate complex or evasive malware where regular automation falls short.

You will develop a strong foundation in reverse engineering while learning how to operate at high scale analyze attacker tradecraft think adversarial about both malware and analysis systems as well as translate reverse engineering insights into durable detections across the CFC.

What You will Work On:
AI-Augmented Malware Analysis

• Review and validate AI-generated static and dynamic analysis results.
• Identify inaccuracies gaps or adversarial manipulation in automated outputs
• Refine analysis by guiding tools toward deeper behavioral understanding

Triage and Prioritization at Scale

• Analyze large sample sets and cluster malware into families and campaigns
• Distinguish commodity noise from high-impact or novel threats
• Escalate edge cases requiring deeper manual investigation

Targeted Reverse Engineering

• Perform focused reversing on critical code paths (i.e. loaders unpacking routines injection logic)
• Analyze obfuscation packing and anti-analysis techniques
• Investigate unusual or non-standard execution environments (custom VMs staged payloads)

Exploit Awareness and Analysis

• Recognize common exploitation patterns (memory corruption logic flaws sandbox escapes)
• Assist in reconstructing exploit chains and post-exploitation behavior
• Support root-cause understanding for vulnerabilities observed in the wild

Detection Development

• Contribute to high-quality detection logic (YARA behavioral rules heuristics)
• Extract stable meaningful indicators from reversed samples
• Collaborate with detection engineers to ensure resilience against evasion

Tooling and Pipeline Interaction

• Work with automated analysis pipelines (static dynamic emulation)
• Assist in improving analysis workflows and signal quality
• Leverage Python scripting to extend or customize tooling

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About you:

• 4 year degree or equivalent experience
• 5 years of software or security engineering experience preferably in malware labs CTFs or with personal research projects
• Demonstrated understanding of reverse engineering concepts (x86/x64 assembly calling conventions)
• Familiarity with common malware techniques (packing persistence process injection)
• Demonstrated programming knowledge in C/C and Python
• Familiarity with YARA or other detection frameworks
• Experience with tools like Ghidra IDA Pro Binary Ninja or similar
• Exposure to dynamic analysis (debugging sandboxing instrumentation)
• Understanding of OS internals (Windows or Linux) including processes memory and system calls
• Basic networking knowledge (protocols common attack surfaces)
• Ability to reason about unfamiliar code and derive behavior from partial information
• Basic knowledge of exploitation concepts (i.e. buffer overflows ROP)
• Curiosity when things dont match expectationswillingness to dig deeper and analyze
• Comfort working with incomplete or noisy data at scale
• Willingness to rely on automation without blindly trusting it
• Ability to critically evaluate machine-generated analysis
• Interest in how adversaries may evade or manipulate automated systems
• Maintains technical knowledge within areas of expertise
• Stays current with new and evolving technologies via formal training and self-directed education

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Targets needs. A Hybrid/Flex for Your Day work arrangement means the team members core role will need to be performed both onsite at the Target HQ Minnesota location the role is assigned to and virtually depending upon what your role team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location unless otherwise prescribed by Target.

Benefits Eligibility

In compliance with state and federal laws Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process please reach out to Non-accommodation-related requests such as application follow-ups or technical issues will not be addressed through this channel.