Director Cybersecurity - BISO

The pay range is $147,000.00 - $264,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

JOIN US AS A DIRECTOR OF CYBERSECURITY - BUSINESS INFORMATION SECURITY OFFICE (BISO) 

About Us:

Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

Target’s security team is a place where innovation happens daily. Interested in a culture that combines ongoing learning, security excellence, and stellar outcomes? We are too – that’s why we work here. Join our team to improve Target’s security and move the business forward. 

As a Director, Business Information Security Office (BISO), you’ll collaborate with technical and leadership teams across all of Target Tech to lead a team of analysts to ensure that systems are designed and built securely. You will lead your team to identify relevant security risks, develop appropriate mitigation strategies, integrate security functions and controls into system architectures, and evaluate and provide feedback on proposed designs. 

You will bring a deep understanding of security risks, controls, mitigations, and standards to a collaborative and advisory role, helping the rest of the enterprise as new platforms and systems are built, and as existing ones are modified over time.  This role is highly collaborative and advisory, requiring strong technical expertise, excellent communication skills, and proven leadership in large-scale environments. You will partner closely with product, engineering, architecture, and enterprise security teams to ensure security is integrated into platforms and products as they are designed, built, and operated.  The Director brings deep understanding of security architecture, controls, and design tradeoffs, enabling effective challenge, guidance, and influence across complex initiatives. This role exercises influence through partnership, risk insight, and advisory leadership rather than direct ownership of technology decisions. 

Expect to Lead Effective Security Decision Making:

• Assist your team in driving technical decision making, adhering to Target platform architecture and other enterprise considerations.  
• Establish good stakeholder communication, work closely with partner teams, and help drive security requirements while being a strong advocate of efficient and secure coding practices across engineers.    
• Collaborate with system designers to integrate security requirements into the design phase of IT systems  
• Develop and maintain security guidance documentation, including security models, frameworks, and diagrams  
• Ensure that security decisions and guidance align with the organization’s business objectives and regulatory requirements  
• Understand security risks in order to identify potential vulnerabilities and threats  
• Develop risk mitigation strategies and recommend appropriate security controls  
• Understand and recommend security solutions, including firewalls, encryption protocols, and access control mechanisms  
• Collaborate with development and operations teams to ensure secure creation and deployment of IT systems  
• Provide guidance on secure coding practices   
• Prioritize driving highly impactful changes that improve the business  
• Conduct full-stack architecture reviews of products and platforms  
• Provide expertise on information security for complex systems and applications in cloud and on-prem environments  
• Design security reference architectures and create implementation/configuration guides    
• Provide expertise on creation and implementation of security controls 

Lead and Develop the BISO Team:

• Build, manage, and mentor a high-performing team of BISO analysts
• Provide leadership, coaching, performance management, and career development of the team
• Establish operating models, engagement patterns, and success metrics for the BISO function

Serve as a Strategic Security Partner:

• Act as a key security advisor to senior technology and business leaders across Target Tech and the enterprise
• Translate complex technical security risks into clear business context, enabling informed decision-making
• Establish strong stakeholder relationships and foster trust-based partnerships across Target Tech and the business
• Partner with senior leaders to provide security and risk perspective into technology and business strategies, roadmaps, and investment decisions

Drive Risk-Based Security Outcomes: 

• Oversee risk identification, assessment, and prioritization for products, platforms, and business initiatives
• Guide mitigation strategies in partnership with architecture, engineering, and enterprise security teams
• Ensure security considerations are integrated early into product and platform design discussions
• Help define, socialize, and operationalize enterprise risk tolerance by ensuring risk decisions are evaluated consistently and aligned with leadership expectations across the business
• Ensure risk management plans are clearly documented, actionable, and accurately reflect the organization’s risk tolerance, enabling transparent decision-making and consistent execution

Collaborate Across Enterprise Security: 

• Partner closely with Security Architecture, Engineering, Cyber Risk, Incident Response, and other enterprise cybersecurity teams
• Provide business and product context during security incidents and critical risk events 
• Advocate for systemic improvements to security controls, tooling, guidance, and processes based on observed risk patterns
• Help elevate security awareness, fluency, and decision-making capability across Target Tech by influencing standards, patterns, and guidance that enable teams to manage risk effectively
• Partner with audit, legal, privacy, and compliance teams to provide business and technology context for risk assessments, regulatory activities, and external engagements

Influence at Scale:

• Participate in governance forums, architecture reviews, and leadership discussions as a security representative
• Prioritize driving highly impactful changes that improve security outcomes while enabling business agility
• Communicate effectively with technical and non-technical audiences, including executive leadership, ensuring cybersecurity is informed of business priorities and initiatives while keeping leaders informed, engaged, and actively soliciting their input to ensure alignment on risk tolerance and security tradeoffs

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.       

About You: 

• 4-year degree or equivalent work experience
• 10+ years of experience in both technology and cybersecurity roles, with broad exposure across multiple technology and security domains. 
• 4+ years of people leadership experience, managing teams and driving outcomes in complex organizations
• Strong understanding of application and platform security concepts, cloud and on-prem architectures, identity, data protection, compliance, and secure software development practices
• Demonstrated ability to assess risk, influence decisions, and operate effectively in a large enterprise environment
• Good understanding of security management workflows in large enterprise organizations and complex environments 
• Excellent written and verbal communication skills with strong presentation abilities 
• Understanding of network security, cryptography, and secure software development  
• Experience with security technologies, such as firewalls, IDS/IPS, SIEM, and DLP  
• Excellent analytical, problem-solving, and communication skills 

Preferred: 

• Experience in retail or large, consumer-facing enterprises
• Prior experience in a BISO, security leadership, product security, or architecture-adjacent role
• Working knowledge of security frameworks and standards (e.g., NIST, ISO/IEC 27001)
• Familiarity with modern technology stacks, including cloud-native platforms, APIs, data platforms, and emerging technologies (e.g., AI/ML)
• Demonstrated curiosity, continuous learning mindset, and ability to collaborate across teams and domains

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team, and tasks require for that day. 

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_F

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com. Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.  

Application deadline is : 03/26/2026