Lead Engineer – Cyber Visibility UI Development

📍 Job Overview

Job Title: Lead Engineer – Cyber Visibility UI Development

Company: Target

Location: Brooklyn Park, MN, United States

Job Type: Full-Time

Category: Engineering / Software Development / Cybersecurity Operations

Date Posted: April 22, 2026

Experience Level: 8+ years (Mid to Senior Level)

Remote Status: Hybrid

🚀 Role Summary

• Lead the design, development, and maintenance of a critical SIEM platform, encompassing both frontend and backend services, with a strong emphasis on modern UI development patterns using React and TypeScript.

• Drive the technical architecture evolution of the SIEM platform, ensuring seamless integration with Google SecOps and supporting advanced security detection and investigation workflows.

• Mentor and guide junior and senior engineers, fostering a collaborative environment for problem-solving, design reviews, and hands-on pair programming.

• Operate with a high degree of autonomy, taking technical decision authority and partnering with cross-functional teams to deliver robust security solutions.

• Own the reliability, scalability, and performance targets of the SIEM application, actively participating in troubleshooting, incident response, and continuous improvement initiatives.

📝 Enhancement Note: While the title specifies "UI Development," the responsibilities clearly indicate a full-stack role with significant backend API, integration, and system architecture responsibilities. The "Cyber Visibility" aspect points towards a role within a Security Operations or Information Security Engineering team, focusing on tools and platforms that provide insights into cyber threats and system vulnerabilities. This is not a typical Revenue Operations or Sales Operations role, but rather a highly technical engineering position within a security domain. The "Lead" designation implies significant ownership and mentorship.

📈 Primary Responsibilities

• Design, develop, and maintain a comprehensive SIEM platform, including one frontend application and seven backend services, utilizing modern patterns like React and TypeScript for durable interfaces.

• Mentor junior and senior engineers through comprehensive design reviews, hands-on pair programming sessions, and collaborative problem-solving initiatives.

• Take ownership of and evolve the technical architecture for the SIEM platform, covering both established full-stack applications and in-flight integrations supporting Google SecOps.

• Operate with a high degree of autonomy, consistently delivering outcomes with minimal oversight and demonstrating strong technical leadership.

• Exercise technical decision authority while partnering with cross-functional teams to design, build, and deliver new or migrated security detection features and tools on Google SecOps, leading design reviews and resolving ambiguities from conflicting requirements.

• Develop and support full-stack application features, including backend APIs (e.g., Node.js/Express), integrations with Google SecOps, and services that power detection and investigation workflows.

• Drive alignment upstream and downstream by collaborating with Threat Detection & Operations, Cyber Threat Intelligence, CSIRT, and platform engineering teams to design and enhance detection and investigation capabilities.

• Own reliability, scalability, and performance targets by troubleshooting and resolving issues across existing systems, participating in on-call rotations, and contributing to improvements in observability, resilience, and operational tooling.

• Develop and maintain state management, data-fetching, and asynchronous workflows (e.g., background processing, job scheduling using Temporal/Bull) to support complex user interactions and long-running operations.

• Write high-quality, maintainable code, actively participating in code reviews and upholding rigorous testing practices to facilitate knowledge sharing and engineer standards.

• Contribute to CI/CD pipelines and mechanisms (e.g., Docker Swarm), ensuring reliable and repeatable release processes for the SIEM platform.

• Utilize telemetry, user feedback, and platform metrics to systematically improve application performance, usability, and overall reliability.

📝 Enhancement Note: The responsibilities highlight a blend of hands-on coding, architectural design, and team leadership, typical of a Lead Engineer role. The focus on SIEM, Google SecOps, and cybersecurity workflows indicates a specialized area within engineering. This role is less about traditional GTM operations and more about the technical infrastructure supporting security operations.

🎓 Skills & Qualifications

Education:

Experience:

• 8+ years of overall software engineering experience, with a significant focus on building robust full-stack web applications.

• Proven ability to define and evolve system architecture, guiding cross-team initiatives from initial concept through to production deployment.

• Experience supporting applications in production, including active participation in monitoring, incident response, and on-call rotations.

Required Skills:

• 3+ years of experience building modern frontend applications using React or NextJS with TypeScript, including proficiency in state management, form validation, and component libraries (e.g., MUI).

• 3+ years of experience building backend services with Node.js and Express, including API design, Express Middleware, ORMs (e.g., Sequelize), and job scheduler frameworks (e.g., Bull or Temporal).

• 3+ years of experience with relational databases such as MySQL or PostgreSQL.

• Experience with containerized applications and modern CI/CD pipelines (e.g., Docker, Docker Swarm, or similar).

• Working knowledge of observability practices, including logging, metrics, tracing, and Application Performance Monitoring (APM).

• Ability to troubleshoot and debug complex issues across the entire application stack in production environments, effectively identifying root causes and implementing durable solutions.

Preferred Skills:

• Experience with cybersecurity platforms or SIEM systems.

• Familiarity with Google SecOps or similar security orchestration, automation, and response (SOAR) platforms.

• Experience with infrastructure as code (IaC) tools.

• Knowledge of cloud-native architectures and services.

• Experience with performance tuning and optimization for large-scale applications.

📝 Enhancement Note: The explicit mention of specific technologies like React, TypeScript, Node.js, Express, Docker, and various databases, along with experience levels, provides clear technical benchmarks. The emphasis on full-stack development and system architecture suggests a need for engineers who can understand and contribute to the entire technology stack.

📊 Process & Systems Portfolio Requirements

Portfolio Essentials:

• Showcase of designed, developed, and maintained full-stack applications, with a focus on SIEM or similar security-related platforms.

• Demonstrations of technical architecture evolution, highlighting how systems were scaled, optimized, or integrated with new technologies (e.g., Google SecOps).

• Examples of implementing and managing CI/CD pipelines and containerization strategies (e.g., Docker Swarm) to ensure reliable deployments.

Process Documentation:

• Workflow design and optimization examples related to security investigation or detection authoring processes.

• Evidence of implementing and automating complex workflows, such as background processing or job scheduling.

• Metrics and performance analysis demonstrating improvements in application performance, usability, or reliability driven by telemetry and user feedback.

📝 Enhancement Note: While not explicitly stated as "portfolio requirements," the detailed responsibilities and qualifications imply a need for candidates to demonstrate practical experience through a portfolio. This section infers what such a portfolio should highlight for a role focused on SIEM and full-stack development in a security context.

💵 Compensation & Benefits

Salary Range: $132,000 - $238,000 Annually

Benefits:

• Comprehensive health benefits and programs, including medical, vision, and dental insurance.

• Life insurance coverage.

• 401(k) retirement savings plan.

• Employee discount program.

• Short-term disability insurance.

• Long-term disability insurance.

• Paid sick leave.

• Paid national holidays.

• Paid vacation time.

Working Hours:

• Standard full-time hours, estimated at 40 hours per week, with potential for on-call rotations.

📝 Enhancement Note: The salary range provided is specific and falls within typical ranges for Lead Engineer roles in major US tech markets, especially for a large retailer like Target. The benefits listed are comprehensive and standard for large corporations in the US. The "Hybrid/Flex for Your Day" arrangement implies a structured hybrid model where some days are in-office and others are remote, based on team and task needs.

🎯 Team & Company Context

🏢 Company Culture

Industry: Retail (Technology / Digital)

Company Size: Large (10,000+ employees)

Founded: 1902 (Target Corporation)

Team Structure:

• The role sits within a cybersecurity engineering team focused on SIEM platform development and support.

• This team likely collaborates closely with Threat Detection & Operations, Cyber Threat Intelligence, CSIRT, and other platform engineering teams.

Methodology:

• Emphasis on modern software engineering practices: agile development, CI/CD, containerization, and robust testing.

• Data-driven approach to application improvement, utilizing telemetry, user feedback, and platform metrics.

• Collaborative problem-solving and a focus on reliability, scalability, and performance for critical security systems.

• A culture that supports autonomy and technical decision-making for lead engineers.

Company Website: https://corporate.target.com/

📝 Enhancement Note: Target is a major retail corporation with a significant technology division. This role is within their cybersecurity engineering function, focusing on the technology that supports Target's security posture. The culture likely balances the scale and stability of a large enterprise with the innovation and agility expected in technology teams.

📈 Career & Growth Analysis

Operations Career Level: Lead Engineer (Senior Individual Contributor with Leadership and Mentorship Responsibilities)

Reporting Structure: Likely reports to an Engineering Manager or Director overseeing cybersecurity engineering or platform development.

Operations Impact: This role has a direct impact on Target's security posture by ensuring the effectiveness and reliability of the SIEM platform, which is critical for detecting, investigating, and responding to cyber threats. The work directly supports the protection of company data and customer trust.

Growth Opportunities:

• Deepen expertise in cybersecurity engineering, SIEM technologies, and full-stack development within a large enterprise context.

• Transition into management roles (e.g., Engineering Manager) or more specialized technical leadership roles (e.g., Principal Engineer, Architect).

• Gain exposure to a wide range of modern technologies and large-scale system challenges within a Fortune 50 company.

• Develop strong mentorship and technical leadership skills through guiding engineering teams.

📝 Enhancement Note: This is a senior individual contributor role with clear leadership expectations. Growth opportunities would typically involve advancing to Principal Engineer, Architect, or moving into management. The experience gained at Target is highly valuable due to the scale and complexity of their operations.

🌐 Work Environment

Office Type: Hybrid/Flex for Your Day work arrangement. This means a mix of onsite work at the Brooklyn Park, MN HQ and remote work, coordinated based on team and task requirements.

Office Location(s): 7000 Target Pkwy N, NCD-0375 Brooklyn Park, MN 55445.

Workspace Context:

• Collaborative environment designed to foster innovation and knowledge sharing among engineering teams.

• Access to modern development tools, technologies, and infrastructure necessary for full-stack development and cybersecurity operations.

• Opportunities for direct interaction with cross-functional teams (Threat Detection, Cyber Intelligence, CSIRT) to align on security priorities and solutions.

Work Schedule: Full-time, with flexibility managed through the Hybrid/Flex arrangement. On-call responsibilities are part of the role, requiring availability outside standard hours for critical incidents.

📝 Enhancement Note: The "Hybrid/Flex for Your Day" model signifies a flexible approach to hybrid work, requiring proactive coordination and communication to balance in-office and remote contributions. This is common in large tech organizations balancing collaboration needs with employee flexibility.

📄 Application & Portfolio Review Process

Interview Process:

• Initial Screening: HR or recruiter screen to assess basic qualifications, experience alignment, and interest.

• Technical Phone Screen: A focused technical discussion with an engineer or hiring manager to evaluate core skills in areas like React,

Node.js, system design, and problem-solving.

• On-site/Virtual Loop: Multiple interviews, likely including:

  • System Design: Assessing ability to architect scalable and reliable systems, particularly in a cybersecurity context.
  • Coding Challenges: Hands-on coding exercises to evaluate proficiency in chosen languages/frameworks (e.g., React, Node.js) and problem-solving approach.
  • Behavioral Interviews: Evaluating leadership, mentorship, collaboration, and communication skills using STAR method.
  • Cross-functional Collaboration: Discussions with potential peers or stakeholders from teams like Threat Detection or Operations.

• Final Interview/Offer: Discussion with senior leadership, final offer negotiation.

Portfolio Review Tips:

• Highlight SIEM/Security Focus: If you have direct SIEM or cybersecurity platform experience, ensure your portfolio clearly showcases this. Detail the problems you solved and the impact of your work.

• Demonstrate Full-Stack Proficiency: Showcase projects where you've built both frontend (React/TypeScript) and backend (Node.js/Express) components, including API design and database interactions.

• Architectural Contributions: Include examples where you've influenced or defined system architecture, scalability, and reliability improvements.

• Process & Automation: Detail any work related to CI/CD, containerization (Docker), asynchronous processing (Temporal/Bull), or observability improvements.

• Problem-Solving Case Studies: Prepare to walk through complex technical challenges you've faced, detailing your approach to debugging, root cause analysis, and implemented solutions.

Challenge Preparation:

• System Design: Practice designing distributed systems, focusing on scalability, availability, and security considerations relevant to a SIEM platform.

• Coding: Brush up on JavaScript, TypeScript, React, Node.js, data structures, and algorithms. Be ready for coding challenges that test your ability to write clean, efficient, and maintainable code.

• Behavioral: Prepare specific examples using the STAR method for questions related to leadership, mentorship, conflict resolution, and handling ambiguity.

• Target's Tech Stack: Research Target's engineering blog or publicly available information on their technology stack to understand their engineering culture and common tools.

📝 Enhancement Note: Given the "Lead" title and technical nature of the role, expect rigorous technical interviews. A strong portfolio demonstrating end-to-end development, architectural thinking, and problem-solving is crucial.

🛠 Tools & Technology Stack

Primary Tools:

• Frontend: React, TypeScript, NextJS, MUI (or similar component library).

• Backend: Node.js, Express.js.

• Databases: Relational Databases (MySQL, PostgreSQL), ORMs like Sequelize.

• Asynchronous Processing: Bull, Temporal (or similar job scheduling/queueing frameworks).

• Containerization: Docker, Docker Swarm (or similar container orchestration).

• CI/CD: Experience with modern CI/CD pipelines for automated deployment.

Analytics & Reporting:

• Observability: Logging, Metrics, Tracing, APM tools (specifics not mentioned but expected).

• Telemetry & Metrics: Tools to collect and analyze application performance and user behavior data.

CRM & Automation:

• SIEM Platform: Core focus of development.

• Security Integrations: Google SecOps, potentially other security tools.

📝 Enhancement Note: The technology stack is clearly defined, emphasizing modern JavaScript/TypeScript ecosystem tools for both frontend and backend. Experience with containerization and CI/CD is mandatory. Familiarity with observability tools is also a key requirement for a role focused on system health and reliability.

👥 Team Culture & Values

Operations Values:

• Technical Excellence: A drive for high-quality, maintainable, and scalable code.

• Collaboration: Working effectively with cross-functional teams to achieve shared security goals.

• Ownership & Accountability: Taking responsibility for the SIEM platform's health, performance, and evolution.

• Continuous Improvement: Proactively seeking ways to enhance reliability, usability, and efficiency through data and feedback.

• Mentorship & Growth: Fostering a learning environment where team members can develop their skills and careers.

Collaboration Style:

• Highly collaborative, involving close partnerships with various cybersecurity teams (Threat Detection, Intelligence, CSIRT) and platform engineering.

• Emphasis on clear communication, design reviews, and knowledge sharing through code reviews and pair programming.

• A proactive approach to unblocking delivery and aligning priorities across different stakeholder groups.

📝 Enhancement Note: Target's company values likely influence team culture, emphasizing guest (customer) obsession, integrity, and fostering innovation. Within engineering, these translate to building reliable systems, acting ethically in cybersecurity, and continuously improving processes and technology.

⚡ Challenges & Growth Opportunities

Challenges:

• Complex System Architecture: Navigating and evolving a large, established SIEM platform with multiple backend services and integrations.

• Cross-Functional Alignment: Driving consensus and coordinating efforts across diverse teams with potentially differing priorities.

• High Availability & Reliability: Ensuring the continuous operation and performance of a critical security system, especially during incidents.

• Technical Debt Management: Balancing new feature development with the need to maintain and refactor existing code for long-term health.

• Staying Ahead of Threats: Keeping pace with evolving cybersecurity threats and ensuring the SIEM platform effectively supports detection and investigation.

Learning & Development Opportunities:

• Deep Dive into Cybersecurity Tech: Gain extensive experience with SIEM, security analytics, threat intelligence, and incident response tooling.

• Advanced Full-Stack Development: Hone skills in modern frontend (React/TypeScript) and backend (Node.js/Express) development at enterprise scale.

• System Architecture & Scalability: Learn to design and manage complex, highly available systems within a large retail environment.

• Leadership & Mentorship: Develop formal leadership and mentorship capabilities through guiding engineering teams.

• Industry Conferences & Training: Opportunities to attend relevant security and engineering conferences or pursue certifications.

📝 Enhancement Note: This role presents significant technical challenges and ample opportunities for professional growth, particularly for engineers looking to specialize in cybersecurity engineering and gain experience at a large, reputable organization.

💡 Interview Preparation

Strategy Questions:

• System Design: Be prepared to discuss how you would design a scalable, resilient, and secure SIEM system or specific components of it. Focus on data ingestion, processing, storage, and querying.

• Technical Leadership & Mentorship: Prepare examples of how you've mentored engineers, led technical discussions, resolved technical disagreements, and influenced architectural decisions.

• Problem Solving & Debugging: Have detailed examples of complex bugs you've encountered in production systems, your methodology for troubleshooting, and how you implemented solutions with lasting impact.

• Full-Stack Architecture: Discuss your approach to designing APIs, managing state in complex frontend applications, and integrating backend services with external systems like Google SecOps.

Company & Culture Questions:

• Target's Mission: Understand Target's commitment to its guests and how cybersecurity plays a role in maintaining trust and delivering on that mission.

• Team Collaboration: Be ready to discuss how you've worked with non-engineering teams (e.g., operations, threat intel) and how you ensure alignment.

• Handling Ambiguity: Prepare examples of how you've navigated unclear requirements or conflicting priorities to drive projects forward.

Portfolio Presentation Strategy:

• Focus on Impact: For each project, clearly articulate the problem, your solution, the technologies used, and the measurable impact (e.g., improved detection rates, reduced investigation time, increased system reliability).

• Technical Depth: Be prepared to dive deep into the technical details of your projects, explaining architectural choices, design patterns, and challenges overcome.

• Storytelling: Frame your projects as narratives – the challenge, your role, the execution, and the successful outcome.

• Demonstrate Full-Stack Ownership: Show how you can connect frontend user experience with robust backend functionality and underlying infrastructure.

📝 Enhancement Note: The interview process will likely be rigorous, testing both technical acumen and leadership potential. A strong understanding of the candidate's experience in building and maintaining complex, full-stack applications within a security context is paramount.

📌 Application Steps

To apply for this Lead Engineer position:

• Submit your application through the official Target careers portal via the provided link.

• Curate Your Resume: Tailor your resume to prominently feature keywords related to React, TypeScript, Node.js, Express, SIEM, cybersecurity, full-stack development, system architecture, CI/CD, and Docker. Quantify achievements wherever possible (e.g., "Improved system performance by 20%").

• Prepare Your Portfolio: Select 2-3 key projects that best demonstrate your full-stack development skills, architectural contributions, and experience with relevant technologies. Be ready to present and discuss these in detail, focusing on problem-solving, technical execution, and impact.

• Practice Technical & Behavioral Questions: Rehearse answers using the STAR method for behavioral questions and practice system design and coding challenges relevant to full-stack web development and cybersecurity.

• Research Target: Familiarize yourself with Target's business, its technology initiatives (if publicly available), and its commitment to cybersecurity. Understand how this role contributes to the company's overall mission.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and operations industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

---