Senior Engineer – Threat Detection Operations
About the role
The Cyber Fusion Center is the heart of Target's security team and a place where innovation happens daily. This role focuses on transforming threat intelligence, incident learnings, and hunting outcomes into durable, high-fidelity detections.
Responsibilities
- Design, develop, deploy, and maintain production-ready detections across a variety of security platforms, including SIEM, EDR, cloud, identity, and network security technologies
- Translate threat intelligence, incident response findings, and threat hunting outcomes into scalable, actionable detection logic
- Develop and tune behavioral, signature-based, and statistical/anomaly-driven detections to identify malicious or suspicious activity while minimizing false positives and toil
- Collaborate with Cyber Threat Intelligence, Incident Response, Threat Hunting, and platform engineering teams to identify and resolve detection and visibility gaps
- Validate detection coverage against adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK
- Measure and report on detection performance, including fidelity, coverage, and effectiveness
- Contribute to the continuous improvement of detection engineering practices, standards, and methodologies
Requirements
- 4-year degree in cybersecurity, computer science, data science, or a related field, or equivalent practical experience
- 5+ years of experience in cybersecurity, including at least 3 years focused on developing detections informed by threat intelligence, adversary behaviors, and/or data science and machine learning techniques
- Experience developing, deploying, and tuning detections across a variety of platforms such as SIEM, EDR, cloud security, and security analytics platforms
- Strong understanding of end-to-end detection engineering concepts resulting in durable, scalable detection content
- Strong scripting skills with languages such as Python, PowerShell, or Bash to automate security workflows and improve detection operations
- Strong understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK and the Cyber Kill Chain
- Strong analytical and problem-solving skills with the ability to evaluate security telemetry and identify detection opportunities
- Strong communication and collaboration skills with the ability to work effectively across security and engineering teams
Qualifications
- Relevant certifications such as GCIA, GCIH, GCED, GMLE, GCFA, or similar cybersecurity certifications
Skills
- Experience with detection-as-code methodologies, CI/CD pipelines, and automated testing frameworks for security content
- Experience applying statistical analysis, anomaly detection, machine learning, or behavioral analytics to improve detection capabilities
- Experience with security data modeling, feature engineering, or graph-based threat detection techniques
- Experience applying LLMs or AI-assisted workflows to detection development, alert triage, enrichment, or investigation use cases
Benefits
Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.