Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at .

SOX IT is a team of experienced Cybersecurity professionals that serve a critical function in maintaining shareholder confidence in Target’s financial reporting.  It achieves this by ensuring systems that process financial transactions are well-controlled and meet SOX IT General Controls requirements.  It has the exciting challenge of evolving with Target’s rapidly changing technology environment to have the right controls applied to the right systems at the right time.  This involves understanding changes occurring across Target’s environment and taking proactive action to respond to those changes.

SOX IT’s core responsibilities also involve onboarding new applications, advising on controls, conducting ongoing testing to monitor compliance, support annual audit activities, and educating technology teams.  Deep business and technical expertise are foundational to the team as it scopes financial processes and designs compliant patterns in a microservice environment. Success of the program relies on maintaining trusted partnerships with our technology teams, business teams, internal auditors, and external auditors.

As a member of SOX IT, you will play a key role in maintaining Target’s SOX compliance.  It will challenge you to quickly learn new technologies and processes, cultivate partnerships across the organization, critically think through risks and controls, assess effectiveness of those controls, and influence others to take action. Core responsibilities of this job are described within this job description.  Job duties may change at any time due to business needs.

About you:

• Provide subject-matter expertise in SOX IT risks and controls (access, change management, and operations)
• Conduct in-depth process assessments and technical testing of key IT controls
• Support onboarding of new applications and technology teams to the SOX program
• Advise on design of IT controls and actions to reduce information security risks
• Advise on remediation and perform impact assessments when IT deficiencies are identified
• Develop trusted relationships with key stakeholders (tech/business, internal audit, external audit)
• Summarize and report key risks to Cybersecurity leadership
• Identify innovative opportunities to continuously mature the program and the value it delivers to the organization
• Continuously develop your technical skills to align with Target’s evolving technology environment
• Stay current with new and evolving security topics, technologies, and requirements via formal training and self-directed education

Desired skills and experiences include:

• Bachelor's degree
• 5+ years of information security or other relevant experience
• Relevant certifications like CISA, CISSP, CISM
• In-depth knowledge and experience in SOX programs and application of ITGC
• Knowledge of cloud technology and security controls.
• Knowledge of operating system security (ex. Windows/Linux) and databases (ex. Mongo, Postgres).
• In-depth knowledge and experience testing the effectiveness of controls
• Experience in agile teams and modern technologies (ex. microservice architecture)
• Strong verbal, written and presentations skills
• Ability to navigate ambiguity and develop trusted business relationships
• Ability to identify problems, analyze data and present conclusions
• Ability to lead down, across, and up in order to influence desired outcomes
• Knowledge of information security frameworks such as ISO, HiTrust, or PCI is preferred

This position will operate as a Hybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performedboth onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Click here if you are curious to learn more about Minnesota.