Lead Analyst - Payment Security
The pay range is $113,000.00 - $203,000.00
Pay is based on several factors which vary based on position.These include labor markets and in some instancesmay include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves.Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation.Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.
JOIN TARGET CYBERSECURITY AS A LEAD ANALYST - PAYMENT SECURITY
About This Opportunity
The Lead Payment Security Analyst will be responsible for ensuring the PCI-DSS compliance of the largest and most complex payment card systems and processes across Target, and leading the overall assessment effort for a large Cardholder Data Environment (CDE) at Target.
We're looking for a team player who will excel in partnering with other business, technology, and security experts across the company to assess the people, process, and technology that support Target's payment card security architecture.
Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Lead Payment SecurityAnalyst, you'll take the lead as you...
• Serve as a lead project manager or top technical subject matter resource to drive PCI-DSS compliance
• Consult on complex payment security and PCI-DSS compliance considerations
• Understand and assess complex branded payment acceptance and card servicing processes
• Develop and consult on remediation requirements for applications, servers, databases, payment devices, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices to ensure PCI-DSS compliance
• Drive necessary and complex system and process updates
• Answer prioritization, technical, or PCI-DSS interpretation questions from the PCI-DSS assessment teams
• Interact directly with Target's PCI-DSS Qualified Security Assessor (QSA) on complex interpretation, implementation, and assessment questions
• Work closely with cross-functional teams and develop strong liaison relationships
• Stay current with new and evolving security topics and technologies via formal training and self-directed education
• Willingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoring
• Provide payment card security thought-leadership within the team and to the broader IT organization to promote and develop consistent technical build processes
• Serve as a peer to the leaders of the PCI-DSS assessment and consulting teams
Requirements
• Bachelor's degree in relevant field of work
• 5-7 years IT background; experience with payment card compliance or regulatory issues preferred
• 3+ years prior experience supporting, a Level 1 or Level 2 organization's PCI-DSS compliance effort, working with an ISA or QSA, or serving as an ISA or QSA
• Experience with large scale project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)
• Advanced knowledge of all requirements of the PCI-DSS v3.x, other significant PCI-SSC guidance, and card security and compliance requirements from the major card brands
• Advanced knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policy
• Able to scope, interpret and prioritize both application and network vulnerability test results
• Ability to effectively communicate complex security issues to auditors, assessors and both technical and non-technical leaders.
• Ability to identify problems, analyze data and present conclusions effectively
• Strong verbal, written and presentations skills
• Excellent PC skills (Excel, Word, Adobe, SharePoint)
• Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferred
• Cloud security or architecture experience preferred
• EMV "Chip and PIN" and mobile payment experience preferred
• Former PCI QSA with retail and card servicing experience preferred
• Development experience a plus
This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target's needs. A Hybrid/Flex for Your Day work arrangement means the team member's core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.
Benefits Eligibility
Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_E
Americans with Disabilities Act (ADA)
In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to [email protected].
Apply Now
Pay is based on several factors which vary based on position.These include labor markets and in some instancesmay include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves.Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation.Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.
JOIN TARGET CYBERSECURITY AS A LEAD ANALYST - PAYMENT SECURITY
About This Opportunity
The Lead Payment Security Analyst will be responsible for ensuring the PCI-DSS compliance of the largest and most complex payment card systems and processes across Target, and leading the overall assessment effort for a large Cardholder Data Environment (CDE) at Target.
We're looking for a team player who will excel in partnering with other business, technology, and security experts across the company to assess the people, process, and technology that support Target's payment card security architecture.
Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Lead Payment SecurityAnalyst, you'll take the lead as you...
• Serve as a lead project manager or top technical subject matter resource to drive PCI-DSS compliance
• Consult on complex payment security and PCI-DSS compliance considerations
• Understand and assess complex branded payment acceptance and card servicing processes
• Develop and consult on remediation requirements for applications, servers, databases, payment devices, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices to ensure PCI-DSS compliance
• Drive necessary and complex system and process updates
• Answer prioritization, technical, or PCI-DSS interpretation questions from the PCI-DSS assessment teams
• Interact directly with Target's PCI-DSS Qualified Security Assessor (QSA) on complex interpretation, implementation, and assessment questions
• Work closely with cross-functional teams and develop strong liaison relationships
• Stay current with new and evolving security topics and technologies via formal training and self-directed education
• Willingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoring
• Provide payment card security thought-leadership within the team and to the broader IT organization to promote and develop consistent technical build processes
• Serve as a peer to the leaders of the PCI-DSS assessment and consulting teams
Requirements
• Bachelor's degree in relevant field of work
• 5-7 years IT background; experience with payment card compliance or regulatory issues preferred
• 3+ years prior experience supporting, a Level 1 or Level 2 organization's PCI-DSS compliance effort, working with an ISA or QSA, or serving as an ISA or QSA
• Experience with large scale project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)
• Advanced knowledge of all requirements of the PCI-DSS v3.x, other significant PCI-SSC guidance, and card security and compliance requirements from the major card brands
• Advanced knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policy
• Able to scope, interpret and prioritize both application and network vulnerability test results
• Ability to effectively communicate complex security issues to auditors, assessors and both technical and non-technical leaders.
• Ability to identify problems, analyze data and present conclusions effectively
• Strong verbal, written and presentations skills
• Excellent PC skills (Excel, Word, Adobe, SharePoint)
• Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferred
• Cloud security or architecture experience preferred
• EMV "Chip and PIN" and mobile payment experience preferred
• Former PCI QSA with retail and card servicing experience preferred
• Development experience a plus
This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target's needs. A Hybrid/Flex for Your Day work arrangement means the team member's core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.
Benefits Eligibility
Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_E
Americans with Disabilities Act (ADA)
In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to [email protected].
Apply Now