The pay range is $113,000.00 - $203,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

JOIN TARGET CYBERSECURITY AS A LEAD ANALYST - PAYMENT SECURITY

About This Opportunity

The Lead Payment Security Analyst will be responsible for ensuring the PCI-DSS compliance of the largest and most complex payment card systems and processes across Target, and leading the overall assessment effort for a large Cardholder Data Environment (CDE) at Target.  

We’re looking for a team player who will excel in partnering with other business, technology, and security experts across the company to assess the people, process, and technology that support Target’s payment card security architecture.

Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals.  As a Lead Payment Security Analyst, you'll take the lead as you…

Serve as a lead project manager or top technical subject matter resource to drive PCI-DSS complianceConsult on complex payment security and PCI-DSS compliance considerationsUnderstand and assess complex branded payment acceptance and card servicing processesDevelop and consult on remediation requirements for applications, servers, databases, payment devices, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices to ensure PCI-DSS complianceDrive necessary and complex system and process updatesAnswer prioritization, technical, or PCI-DSS interpretation questions from the PCI-DSS assessment teamsInteract directly with Target’s PCI-DSS Qualified Security Assessor (QSA) on complex interpretation, implementation, and assessment questionsWork closely with cross-functional teams and develop strong liaison relationshipsStay current with new and evolving security topics and technologies via formal training and self-directed educationWillingly share knowledge and experiences with less experienced staff to help grow team talent bench through training and mentoringProvide payment card security thought-leadership within the team and to the broader IT organization to promote and develop consistent technical build processesServe as a peer to the leaders of the PCI-DSS assessment and consulting teams

Requirements

Bachelor's degree in relevant field of work5-7 years IT background; experience with payment card compliance or regulatory issues preferred3+ years prior experience supporting, a Level 1 or Level 2 organization’s PCI-DSS compliance effort, working with an ISA or QSA, or serving as an ISA or QSAExperience with large scale project management (planning, organizing, and managing resources to bring about the successful completion of specific project goals and objectives)Advanced knowledge of all requirements of the PCI-DSS v3.x, other significant PCI-SSC guidance, and card security and compliance requirements from the major card brandsAdvanced knowledge of five or more of the following technical areas: network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, and information security policyAble to scope, interpret and prioritize both application and network vulnerability test resultsAbility to effectively communicate complex security issues to auditors, assessors and both technical and non-technical leaders.Ability to identify problems, analyze data and present conclusions effectivelyStrong verbal, written and presentations skillsExcellent PC skills (Excel, Word, Adobe, SharePoint)Industry Certifications (CISSP/PCI QSA or ISA/PCIP/CISM/CRISC) preferredCloud security or architecture experience preferredEMV "Chip and PIN" and mobile payment experience preferredFormer PCI QSA with retail and card servicing experience preferredDevelopment experience a plus

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_E

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to candidate.accommodations@HRHelp.Target.com.