Jobs · Engineering · Minnesota

Director of Engineering - Cloud Security

Target · Brooklyn Park, MN · 3 wk ago
Engineering$168k–$303k/yrFull-time

About the role

Join our team to improve Target’s security and move the business forward. As an Engineering Director on the Cloud Security team, you’ll lead a team of engineers responsible for deploying, operating, automating, and scaling cloud security capabilities across Target's public and private cloud environments.

Responsibilities

  • Lead a team of engineers responsible for the day-to-day implementation and operation of Target's cloud security controls.
  • Establish good stakeholder communication, work closely with partner teams, and help drive requirements while being a strong advocate of efficient and secure engineering practices.
  • Own the end-to-end engineering, deployment, configuration, and ongoing operation of Target's cloud security platforms — including CSPM, IaC scanning, Kubernetes admission control, SSPM, secure configuration management, and cloud workload protection — across Target's public and private cloud environments.
  • Operate these platforms as production systems: own their availability, performance, observability, capacity, upgrade cadence, and outage response, with clear SLOs and on-call coverage.
  • Implement and operate Kubernetes admission controller policies across the private and public cloud fleet, and own the rollout strategy that gets to enforcement without breaking developers.
  • Build and operate the capabilities that support cloud incident response in partnership with Detection & Response.
  • Translate policy requirements into a prioritized engineering roadmap, and deliver against it predictably.
  • Drive multi-quarter initiatives end-to-end: from problem framing and scoping, through design, build, rollout, adoption, and steady-state operation.
  • Make pragmatic build-vs-buy decisions and own the lifecycle of the cloud security tools the team operates: vendor relationship, evaluations/POCs, contract input, capability adoption, and sunsetting.
  • Drive adoption of the team's controls across Target Tech, including onboarding, exception/governance workflows, and developer enablement.
  • Treat the cloud security control plane as a product: invest in automation, self-service, and platform thinking so controls scale with Target's cloud footprint.
  • Continuously reduce toil for both your team and Target's engineering organization — fewer one-off tickets, more paved roads, better defaults, faster feedback in CI/CD.
  • Own the developer experience of the team's controls: clear error messages, documented escape hatches, fast and well-coordinated exception handling, and a tight feedback loop with product engineering.
  • Own the findings pipeline: aggregate signal from config hardening, CSPM, IaC and admission controller exceptions, and SSPM, and ship it into Target's enterprise remediation dashboards with SLAs so product and platform teams can act.
  • Partner with the broader Cloud Platform organization, Identity Security, Network Security, Data Security, Detection & Response, Vulnerability Management, BISO, and product engineering to align on requirements, rollout plans, and operational ownership.
  • Represent the team's work clearly to senior leadership: roadmap, risk reduction, operational health, and tradeoffs — in language tuned to the audience.

    Qualifications

    • A 4-year degree OR equivalent work experience
    • 10+ years of hands-on experience in technology, with deep experience in cloud security and the adjacent disciplines that make it work — cloud platform engineering, Kubernetes, IaC/CI-CD, automation, identity, and detection/response integration
    • 4+ years managing engineering teams with a strong track record of delivery in a platform, infrastructure, software development, or security engineering context
    • Experience hiring, growing, and retaining senior engineering talent, and building team operating models from the ground up
    • You lead engineers, not just programs: you’ve owned the full stack of engineering management — hiring, performance, career growth, on-call culture, code review standards, postmortems, and operational excellence
    • Demonstrated track record of running production platforms with clear SLOs, on-call coverage, change management, and continuous-improvement loops
    • Experience driving multi-quarter roadmaps end-to-end — from problem framing through rollout, adoption, and steady-state operation — and delivering predictably against them
    • Comfortable making and defending pragmatic build-vs-buy decisions, owning vendor relationships and tool lifecycles, and knowing when to invest in custom engineering vs. lean on a platform
    • Demonstrated experience leading teams that operate cloud security platforms at scale — CSPM, IaC scanning, SSPM, Security Configuration Management, and cloud workload protection
    • Hands-on experience with public cloud (GCP preferred; AWS/Azure experience also valued) and private cloud / Kubernetes environments at enterprise scale
    • Expertise in Kubernetes and admission controller frameworks, including the rollout patterns required to move from detect to enforce without breaking developers
    • Strong working knowledge of infrastructure as code (Terraform and equivalent) and policy-as-code (e.g., Rego), and experience integrating policy enforcement into CI/CD
    • Experience building and operating findings pipelines that integrate cloud security signal into enterprise remediation/governance platforms (e.g., shipping CSPM, IaC, admission controller, and SSPM findings to a centralized dashboards with ownership attribution & SLAs)
    • Experience integrating cloud telemetry into enterprise SIEM/SOAR pipelines
    • Proven history of effectively utilizing a variety of security tools and technologies across diverse environments
    • Hands-on experience integrating security tooling with developer workflows (CI/CD, source control, ticketing, IDP/internal developer platforms) in a way that scales with a large engineering organization
    • Strong understanding of secure software development practices, network security fundamentals, and modern cloud-native architectures
    • Solid understanding of AI/ML and the emerging security considerations associated with it, including how to enforce them through cloud security tooling
    • Automation-first engineering mindset, with hands-on fluency in at least one general-purpose language (e.g., Python, Go) and a track record of building reusable platforms and paved roads instead of one-off scripts
    • Strong cross-functional partner: comfortable working closely with security architecture, cloud platform, identity, network, data security, detection & response, vulnerability management, BISO, and product engineering teams to align requirements, rollout plans, and operational ownership
    • Effective at representing your team's work, risks, and tradeoffs to senior leadership, and equally effective explaining the same content to staff engineers in detail
    • Good understanding of security management workflows in large enterprise organizations and complex environments, and of the current threat landscape and the challenges most organizations are facing
    • Working knowledge of security frameworks, standards, and best practices (e.g., NIST, CIS Benchmarks, ISO/IEC 27001) — enough to align the team's controls to them, without being the policy author
    • Excellent written and verbal communication skills with strong presentation abilities
    • Demonstrated curiosity, bias for action, and a genuine builder's mindset — you want to ship the platform, not just describe it

      Pay

      The pay range is $168,000.00 - $303,000.00 Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications.

      Benefits

      In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

Similar jobs