Principal Engineer - Security Architecture

Principal Engineer - Security Architecture

Pay range: $ - $

Target offers comprehensive health benefits and programs, including medical, vision, dental, life insurance and more. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation.

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Target’s security team is a place where innovation happens daily. We are committed to improving Target’s security and moving the business forward.

• Collaborate with system designers to integrate security requirements into the design phase of IT systems.
• Develop and maintain security architecture documentation, including security models, frameworks, and diagrams.
• Ensure that security architecture aligns with the organization’s business objectives and regulatory requirements.
• Identify potential vulnerabilities and threats by understanding security risks.
• Develop risk mitigation strategies and recommend appropriate security controls.
• Design and implement security solutions such as firewalls, encryption protocols, and access control mechanisms.
• Collaborate with development and operations teams to ensure secure creation and deployment of IT systems.
• Provide guidance on secure coding practices.
• Prioritize driving highly impactful changes that improve the business.
• Conduct full-stack architecture reviews of products and platforms.
• Provide expertise on information security for complex systems and applications in cloud and on-prem environments.
• Design security reference architectures and create implementation and configuration guides.
• Provide expertise on creation and implementation of security controls with an emphasis on cloud technologies.
• Efficiently assess and communicate risk accurately while negotiating priorities with cross‑domain stakeholders.
• Collaborate with engineering teams to perform advanced security analysis on complex cloud systems, identifying gaps while contributing to design solutions and security requirements.

• Polyglot programmer comfortable in many languages across different platforms.
• 10+ years of hands‑on experience in technology, with extensive knowledge of cybersecurity domains including information protection, cloud security (GCP strongly preferred), networking security, IAM, automation, and SIEM.
• Demonstrated curiosity and ability to learn.
• Expertise in containerization technologies and tools.
• Solid understanding of AI/ML.
• Seeks out cross‑team collaboration opportunities.
• Stays current on relevant technologies with self‑directed learning.
• Excellent written and verbal interpersonal skills with strong presentation abilities.
• Proven history of effectively utilizing a variety of security tools and technologies across diverse environments.
• Good understanding of security management workflows in large enterprise organizations and complex environments.
• Strong understanding of the current threat landscape and the challenges most organizations face.
• In‑depth knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO/IEC 27001).
• Strong understanding of network security, cryptography, and secure software development.
• Experience with security technologies such as firewalls, IDS/IPS, SIEM, and DLP.
• Excellent analytical, problem‑solving, and communication skills.

• GCP native security product experience (VPC Service Controls, Organization constraints, Cloud Armor, Next Gen Firewall, etc.).
• Working knowledge of policy‑as‑code (either OPA/Rego or SEL).
• Experience with Google SCC or Wiz is a plus.
• LLM security expertise.
• Vertex AI experience.

This position may be considered for a Remote or Hybrid work arrangement based on Target's needs. A Remote work arrangement means the team member works full‑time from home or an alternate location that is not a Target location. A Hybrid/Flex for Your Day work arrangement means the team member’s core role may be performed either remote or onsite at a Target location depending on what the role, team, and tasks require for that day.

Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target.

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.acc Non‑accommodation‑related requests, such as application follow‑ups or technical issues, will not be addressed through this channel.