Expel

Leading MDR provider trusted by some of the world’s top brands to expel adversaries, minimize risk, & build resilience.

Associate SOC Analyst

Security Operations | Full Time | Remote | Mid Level | Team 201-500 | Since 2016 | H1B Sponsor

Location

United States

Posted

21 hours ago

Salary

$85K - $90K / year

Seniority

Mid Level

Bachelor Degree | 1 yr exp | Experience accepted | English | Cloud | Linux | MacOS | TCP/IP

Job Description

  • Analyze and investigate alerts to identify, assess, and respond to potential threats.
  • Collaborate with teammates and customer security teams to remediate incidents.
  • Conduct threat hunts and root-cause analysis to uncover attacker activity.
  • Take ownership of alert triage through the entire lifecycle, from detection to resolution.
  • Constantly look for ways to improve detection, defense, and delivery for customers.
  • Participate in 24x7 rotational coverage.

Job Requirements

  • Integrity, curiosity, and a client-first mindset.
  • Strong written communication skills.
  • Fundamental understanding of TCP/IP, operating systems, and common network protocols.
  • Experience with Windows, macOS, and Linux systems.
  • Awareness of cloud applications and infrastructure.
  • Familiarity with detection and response tools like SIEM, EDR, and IDS/IPS.
  • Curiosity about attacker techniques and the MITRE ATT&CK framework.
  • 1–2 years of IT or security experience preferred.

Benefits

  • Transparent pay
  • Unlimited PTO
  • Flexible work
  • Up to 24 weeks parental leave
  • Excellent health benefits

More Security Operations Jobs

Senior Engineer - Threat Detection Operations

Target

An industry-leading retailer with corporate headquarters in Minneapolis, Minnesota, Target operates over 1,800 stores in 47 states, as well as several distribut

Title: Senior Engineer - Threat Detection Operations
Location: MN-Brooklyn Park

Job Description

The pay range is $98,000.00 - $176,000.00. Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation.

About Us

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Target is an iconic brand, a Fortune 50 company and one of America’s leading retailers. Target is one of the world’s most recognized brands and one of America’s leading retailers. But behind the brand our guests love is a culture of continual innovation – and right now, we are up to big things. The Cyber Fusion Center is the heart of Target’s security team and a place where innovation happens daily. Interested in a culture that combines invention and creative freedom, ongoing learning, engineering excellence, and stellar outcomes? We are, too – that’s why we work here. Join our team to take new enterprise security solutions from concept to release, collaborating with both software & security engineers to innovate on helping defend Target’s network using cutting-edge technologies. We are looking for professional network engineers who will ensure Cybersecurity visibility requirements are being met through collaboration with Target’s broader Network Engineering organization. You will also be working closely with Cybersecurity stakeholders to develop and continually improve our visibility posture so network-based threats can be detected. Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About the Role

As a Senior Engineer – Threat Detection Operations, you will help advance Target’s ability to detect and respond to sophisticated threats through the development of scalable, high-quality detections. This role focuses on transforming threat intelligence, incident learnings, and hunting outcomes into durable, high-fidelity detections. You will leverage large-scale security telemetry, analytics platforms, and automation frameworks to engineer detection content and improve security monitoring effectiveness. Working closely with Cyber Threat Intelligence, Incident Response, and security platform teams, you will turn actionable threat intelligence into high-confidence security signals to enable efficient detection and response. This role is ideal for someone who is highly technical, data-driven, and passionate about developing modern detection capabilities that keep pace with the evolving threat landscape.

Core Responsibilities

  • Design, develop, deploy, and maintain production-ready detections across a variety of security platforms, including SIEM, EDR, cloud, identity, and network security technologies
  • Translate threat intelligence, incident response findings, and threat hunting outcomes into scalable, actionable detection logic
  • Develop and tune behavioral, signature-based, and statistical/anomaly-driven detections to identify malicious or suspicious activity while minimizing false positives and toil
  • Collaborate with Cyber Threat Intelligence, Incident Response, Threat Hunting, and platform engineering teams to identify and resolve detection and visibility gaps
  • Validate detection coverage against adversary tactics, techniques, and procedures (TTPs) using frameworks such as MITRE ATT&CK
  • Measure and report on detection performance, including fidelity, coverage, and effectiveness
  • Contribute to the continuous improvement of detection engineering practices, standards, and methodologies

About You

  • 4-year degree in cybersecurity, computer science, data science, or a related field, or equivalent practical experience.
  • 5+ years of experience in cybersecurity, including at least 3 years focused on developing detections informed by threat intelligence, adversary behaviors, and/or data science and machine learning techniques.
  • Experience developing, deploying, and tuning detections across a variety of platforms such as SIEM, EDR, cloud security, and security analytics platforms
  • Experience with cloud security monitoring across AWS, GCP, or Azure environments
  • Strong understanding of end-to-end detection engineering concepts resulting in durable, scalable detection content
  • Experience scripting with languages such as Python, PowerShell, or Bash to automate security workflows and improve detection operations
  • Strong understanding of adversary tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK and the Cyber Kill Chain
  • Strong analytical and problem-solving skills with the ability to evaluate security telemetry and identify detection opportunities
  • Strong communication and collaboration skills with the ability to work effectively across security and engineering teams

Additional Skills We Are Interested In

  • Experience with detection-as-code methodologies, CI/CD pipelines, and automated testing frameworks for security content
  • Experience applying statistical analysis, anomaly detection, machine learning, or behavioral analytics to improve detection capabilities
  • Experience with security data modeling, feature engineering, or graph-based threat detection techniques
  • Experience applying LLMs or AI-assisted workflows to detection development, alert triage, enrichment, or investigation use cases
  • Relevant certifications such as GCIA, GCIH, GCED, GMLE, GCFA, or similar cybersecurity certifications

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target.

Minnesota
$98K - $176K / year
Senior Cyber Operations Analyst

Nielsen

Powering a better media future for all people

Full Time | Remote | Team 10,001+ | Since 1923 | H1B Sponsor

  • Perform host/network based forensic investigations to collect and preserve evidence related to incidents
  • Manage incoming queues of detection alerts, threat reports and security incidents
  • Interact with our Managed Security Service Provider (MSSP) to investigate and resolve issues
  • Prioritize and triage competing incidents to maintain Service Level Agreements (SLA)
  • Manage investigations including escalation, organizing unstructured work and engaging resource teams across the company
  • Manage urgency and visibility to ensure timely response by all involved parties
  • Own an incident for its full lifecycle, including after action reviews and follow up actions
  • Communicate and coordinate with other cyber security professionals, internal teams, and law enforcement agencies as needed to address incidents and threats
  • Maintain current knowledge of tools and best practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response
  • Create and maintain documentation including incident response plans, standard operating procedures, and knowledge base articles
  • Rotating on-call coverage

United States
$91.5K - $152.5K / year
SOC Incident Handler

Deutsche Telekom

Headquartered in Bellevue, Washington, T-Mobile is an international cell phone carrier that is part of Deutsche Telekom, one of the largest telecommunications companies in the worl

Role Description

  • Experience handling and managing security incidents as Level 3 Support within the Incident Response team.
  • Analyze and respond to security alerts coming from SIEM/SOAR platforms.
  • Perform proactive threat hunting (Threat Hunting).
  • Advanced experience in managing security incidents and events.
  • Identify, analyze and correlate IOCs (Indicators of Compromise).
  • Analysis, research, recommendations and management of remediations.
  • Carry out incident containment, eradication and remediation activities.
  • Advanced English is essential; the interview is conducted in English.
  • A taste for continuous learning and for sharing knowledge.

Qualifications

  • Degree: Computer Systems Engineering, Information Technology, Cybersecurity or related fields.
  • Expertise level: Senior.
  • Certifications (desirable): Incident Handler/Response (+ Cloud), Certified Incident Handler.

Company Description

T-Systems is proud to be an equal opportunity and affirmative action employer. We do not discriminate on the basis of race, religion, color, national origin, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, disability status, or other applicable legally protected characteristics. It is also important to mention that T-Systems has an anti-bribery management system, and every employee is committed to knowing and complying with it. We believe that change brings new opportunities for development and innovation. People who are prepared to perform at their best under such conditions will excel and create something new. Precisely for this reason, we offer our employees unique opportunities for further development, whether in technical or management careers.

Mexico

Monitor vulnerabilities and security alerts, support patch management processes, assist with cybersecurity initiatives, and collaborate with teams to enhance system security and compliance within enterprise information systems.

All locations: District Of Columbia | Kentucky | North Carolina | Pennsylvania | California