SIEM Engineer
Job description
Pay is based on several factors which vary based on position. These include labor markets and in some instances may include education, work experience and certifications. In addition to your pay, Target cares about and invests in you as a team member, so that you can take care of yourself and your family. Target offers eligible team members and their dependents comprehensive health benefits and programs, which may include medical, vision, dental, life insurance and more, to help you and your family take care of your whole selves. Other benefits for eligible team members include 401(k), employee discount, short term disability, long term disability, paid sick leave, paid national holidays, and paid vacation. Find competitive benefits from financial and education to well-being and beyond at
- Learn and contribute to end-to-end log ingestion into Google SecOps (formerly Chronicle), from source onboarding through reliable delivery, so downstream teams can power search, alerting, enrichment, and investigations.
- Pair with Threat Management Engineering, Threat Detection & Operations, Cyber Threat Intelligence, and the CSIRT teams to produce high-quality, backward-compatible changes to large-volume, high-criticality data feeds and SecOps integrations.
- Participate in troubleshooting production issues across log pipelines and SIEM integrations (including other SIEM platforms), as part of a shared 24/7 on-call rotation with strong team support and runbooks.
- Build and enhance ingestion integrations and operational tooling using Python and practical regular expressions for parsing, validation, and transformations (ECS familiarity is a plus).
- Contribute to monitoring and alerting aligned to platform SLOs/SLAs, improving completeness, timeliness, and quality while reducing repeat incidents.
- Partner with Security Operations and adjacent platform owners to onboard feeds, support schema changes, and continuously improve telemetry quality.
In this role, you'll be a hands-on engineer contributing to the log ingestion platform that powers SIEM outcomes. You'll ramp quickly on the platform's architecture and operational patterns, delivering well-scoped improvements to integrations, data handling, and reliability with guidance from senior engineers. You'll apply strong troubleshooting and systems thinking to diagnose issues, implement fixes, and improve monitoring/runbooks so problems don't repeat. Over time, you'll take end-to-end ownership of discrete components and deliver high-quality changes with increasing independence, balancing delivery speed with correctness and operational readiness.
Core responsibilities of this job are described within this job description. Job duties may change at any time due to business needs.
Requirements
- 4-year degree in Computer Science (or related field) or equivalent practical experience
- 1+ years of software development and/or platform engineering experience
- Proficiency in Python
- Proficiency with regular expressions for parsing, extraction, and validation
- Experience integrating systems using APIs (including authentication/authorization concepts)
- Experience manipulating and validating log/event data (e.g., JSON), including transformations and schema changes
- Demonstrated troubleshooting and root-cause analysis skills in production or production-like environments
- Understanding of distributed systems fundamentals and common resilience patterns (timeouts, retries, idempotency)
- Willingness to participate in a shared 24/7 on-call rotation