Senior Application Security Engineer

The pay range is $95,000.00 - $171,000.00

Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at https://corporate.target.com/careers/benefits.

About us:
Working at Target means helping all families discover the joy of everyday life. We bring that vision to life through our values and culture. Learn more about Target here.

As a Senior Application Security Engineer, you serve as a specialist in the engineering team that supports the product. You help develop and gain insight in the application architecture. You can distill an abstract architecture into concrete design and influence the implementation. You show expertise in applying the appropriate software engineering patterns to build robust and scalable systems. You are an expert in programming and apply your skills in developing the product. You have the skills to design and implement the architecture on your own but choose to influence your fellow engineers by proposing software designs, providing feedback on software designs and/or implementation. You show good problem-solving skills and can help the team in triaging operational issues. You leverage your expertise in eliminating repeat occurrences.

Use your skills, experience and talents to be a part of groundbreaking thinking and visionary goals. As a Sr. Engineer, you’ll take the lead as you…

• Design, build, and operate security tooling and automation that integrates deeply into development workflows (e.g., CI/CD, linting, auto-fix, click-to-fix flows).
• Create solutions that make the secure path the easiest path — embedding guardrails, reducing manual fixes, and improving the developer experience at scale.
• Augment existing processes with a security lens: dependency scanning, SAST/DAST/SCA, supply chain risk, and automated remediations.
• Collaborate with product engineering teams to enable secure-by-default applications, influencing architecture and design with practical security guidance.
• Build “push-down” solutions such as rules, plugins, and pipeline integrations so that security issues are surfaced and fixed where code is written.
• Evaluate new opportunities to improve security across Target’s environment, targeting solutions that deliver the greatest impact.
• Maintain observability and feedback loops for security signals across production systems.
• Contribute to disaster recovery and incident response planning with a focus on application-layer resilience.
• Share knowledge and mentor teammates in security engineering practices, fostering a culture of curiosity and shared ownership.

This role is part of a team changing how security is done at scale — delivering automation, guardrails, and fixes that directly shape how applications are built securely across Target.

Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.

About you:

• Four-year degree or equivalent experience
• 5+ years in software development or security engineering with strong coding skills
• Experience building or maintaining security tools, automations, or frameworks (e.g., integrating scanners, writing rules, developing CI/CD integrations)
• Proficiency in Java, Kotlin, JavaScript/TypeScript, and experience with containerization (e.g., Docker)
• Experience working with CI/CD systems (Jenkins, GitHub Actions, GitLab CI, etc.)
• Strong understanding of open source dependencies, supply chain risks, and SCA techniques
• Familiarity with SAST/DAST tools and ability to translate results into actionable fixes
• Practical experience in security code reviews, threat modeling, or vulnerability assessment
• Demonstrated ability to embed security into developer workflows and improve the developer experience
• Passion for staying current with security trends, tools, and developer-centric security models
• Preferred (not required): security certifications such as CISSP, CSSLP, OSCP, GIAC, CompTIA Security+, or equivalent demonstrated expertise

This position will operate as aHybrid/Flex for Your Day work arrangement based on Target’s needs. A Hybrid/Flex for Your Day work arrangement means the team member’s core role will need to be performed both onsite at the Target HQ MN location the role is assigned to and virtually, depending upon what your role, team and tasks require for that day. Work duties cannot be performed outside of the country of the primary work location, unless otherwise prescribed by Target. Clickhere if you are curious to learn more about Minnesota.

Benefits Eligibility

Please paste this url into your preferred browser to learn about benefits eligibility for this role: https://tgt.biz/BenefitsForYou_D

Americans with Disabilities Act (ADA)

In compliance with state and federal laws, Target will make reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please reach out to [email protected].Non-accommodation-related requests, such as application follow-ups or technical issues, will not be addressed through this channel.