Senior Application Security Engineer

About The Position

Requirements

• Four-year degree or equivalent experience.
• 5+ years in software development or security engineering with strong coding skills.
• Experience building or maintaining security tools, automations, or frameworks (e.g., integrating scanners, writing rules, developing CI/CD integrations).
• Proficiency in Java, Kotlin, JavaScript/TypeScript, and experience with containerization (e.g., Docker).
• Experience working with CI/CD systems (Jenkins, GitHub Actions, GitLab CI, etc.).
• Strong understanding of open source dependencies, supply chain risks, and SCA techniques.
• Familiarity with SAST/DAST tools and ability to translate results into actionable fixes.
• Practical experience in security code reviews, threat modeling, or vulnerability assessment.
• Demonstrated ability to embed security into developer workflows and improve the developer experience.
• Passion for staying current with security trends, tools, and developer-centric security models.

Nice To Haves

• Security certifications such as CISSP, CSSLP, OSCP, GIAC, CompTIA Security+, or equivalent demonstrated expertise.

Responsibilities

• Design, build, and operate security tooling and automation that integrates deeply into development workflows (e.g., CI/CD, linting, auto-fix, click-to-fix flows).
• Create solutions that make the secure path the easiest path — embedding guardrails, reducing manual fixes, and improving the developer experience at scale.
• Augment existing processes with a security lens: dependency scanning, SAST/DAST/SCA, supply chain risk, and automated remediations.
• Collaborate with product engineering teams to enable secure-by-default applications, influencing architecture and design with practical security guidance.
• Build 'push-down' solutions such as rules, plugins, and pipeline integrations so that security issues are surfaced and fixed where code is written.
• Evaluate new opportunities to improve security across Target’s environment, targeting solutions that deliver the greatest impact.
• Maintain observability and feedback loops for security signals across production systems.
• Contribute to disaster recovery and incident response planning with a focus on application-layer resilience.
• Share knowledge and mentor teammates in security engineering practices, fostering a culture of curiosity and shared ownership.

Benefits

• Comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more.
• 401(k)
• Employee discount
• Short term disability
• Long term disability
• Paid sick leave
• Paid national holidays
• Paid vacation