Lead Engineer Threat Hunting and Countermeasures

About the position JOIN TARGET CYBERSECURITY AS A LEAD ENGINEER - THREAT DETECTION AND COUNTERMEASURES. As a Fortune 50 company with more than 400,000 team members worldwide, Target is one of the world's most recognized brands and one of America's leading retailers. But behind the brand our guests love, is a culture of continual innovation - and right now, we are up to big things. The Cyber Fusion Center is the heart of Target's security team and a place where innovation happens daily. Interested in a culture that combines invention and creative freedom, ongoing learning, engineering excellence, and stellar outcomes? We are, too - that's why we work here. Join our team to take new enterprise security solutions from concept to release, collaborating with both software & security engineers to innovate on helping defend Target's network using cutting-edge technologies. Responsibilities • Conduct proactive threat hunts using hypothesis-driven methodologies, leveraging intelligence, SIEM data, and behavioral analytics. • Analyze logs, network traffic, endpoint telemetry, and other data sources to identify malicious activities and adversary tactics. • Develop and refine detection and visibility capabilities in collaboration with the detection engineering team. • Investigate emerging threats, adversary techniques (MITRE ATT&CK, Kill Chain, etc.), and security incidents to create new hunt methodologies. • Improve automation and operational efficiency of hunting workflows through scripting and security tools. • Collaborate with red and blue teams to validate detection strategies and improve security coverage. • Contribute to the development of threat models and proactive countermeasure strategies. • Conduct research and analysis on adversary tradecraft to enhance Target's threat hunting program. Requirements • 4-year degree or equivalent experience in cybersecurity or related fields. • 4+ years' of experience in cybersecurity, with a strong focus on threat hunting, detection engineering, security operations, or incident response. • 2+ years' experience in developing detections based on threat intelligence and adversary behaviors. • Strong familiarity with SIEM systems, EDR solutions, and security data analytics. • Experience in scripting with Python, PowerShell, JavaScript, or shell scripting to automate security tasks and enhance threat hunting operations. • Deep understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK and the Cyber Kill Chain. • Strong analytical and problem-solving skills with the ability to interpret large datasets to identify malicious activities. • Strong communication skills with the ability to navigate ambiguity and collaborate across security teams. Nice-to-haves • Experience with deception techniques, honeytokens, or other adversary engagement strategies. • Background in malware analysis, reverse engineering, exploit development, forensic techniques, or network security monitoring. • Certifications such as GREM, GCFA, or similar in advanced threat hunting and analysis. Benefits • Comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more. • 401(k) • Employee discount • Short term disability • Long term disability • Paid sick leave • Paid national holidays • Paid vacation Apply tot his job