Lead Cybersecurity Engineer - Insider Risk and DLP

Target•Brooklyn Park, MN

3d•$132,000 - $238,000•Hybrid

About The Position

As a Lead Engineer – Insider Risk and DLP, you will be pivotal in the protection of Target’s data, systems, and intellectual property by ensuring employees do not conduct malicious activities. In this role, you will play a critical part in safeguarding enterprise data, protecting customer trust in Target, and strengthening the organization’s overall security posture against insider threats by improving detection visibility and fidelity within our UEBA, alerting functionality, and responding and mitigating all identified threats. As a Lead Engineer you will: Help lead the design, implementation and continuous improvement of the Insider Threat and DLP programs. Define metrics through which we can ensure our coverage is comprehensive, effective, and efficient in an ever-changing threat landscape. Cross train with other teams within the Cyber Fusion Center such as Cyber Threat Intelligence, Incident Response, Security Architecture, and Enterprise Incident Management. Assist in implementation of net new DLP capabilities and ITP UEBA engine. Become proficient in workflow automation within our SOAR platform and automate previously manual processes.

Requirements

4 year degree or equivalent experience
7+ years in cybersecurity with a focus in Incident Response, DLP, and Insider Threat
Extensive experience with DLP tools (e.g. ZScaler, ForcePoint, Symantec)
Deep understanding of Insider Threat methodologies and behavioral analytics to differentiate between uncommon and malicious activity
Demonstrated programming experience in Python, PowerShell or equivalent
Experience with maintaining SIEM, UEBA, EDR, and cloud security platforms
Demonstrated ability to build strong cross-functional partnerships and influence enterprise security strategy
Experience working closely with cyber threat intelligence, incident response, or detection engineering teams
Strong problem-solving skills with the ability to navigate complex, ambiguous security challenges
Excellent communication skills, with the ability to present complex concepts clearly to technical and executive audiences
Commitment to operational excellence, safety, and continuous improvement
Self-directed learner who stays current with evolving cybersecurity threats, technologies and best practices

Responsibilities

Monitor, investigate and maintain DLP technologies across endpoints, network sensors, cloud platforms, and email systems.
Conduct root cause analysis, recommend remediation actions, and institute blocking procedures as needed to prevent similar risk moving forward.
Integrate DLP tools with SIEM, UEBA, CASB, and endpoint detection platforms.
Conduct continuous improvement of custom rules based on tradecraft knowledge, anomaly detection hunts, threat intelligence, and previous cases.
Work closely with Employee Relations, Human Resources, Security Architecture, and policy teams to improve Target’s overall security posture and move from detection to prevention.

Benefits

Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves.
Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation.
Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume