Role of a Security Ninja for Target.
What it takes to be a security ninja for Target.
This is my journey of how I worked as a security ninja (the head of security) for Target's machine learning platform. I played the role of Head of Security for 6 months before leaving the company for my MS. This was a time filled with development, learning and collaboration.
Initially, I worked with the InfoSec team of Target to get myself equipped with all the knowledge and resources necessary. This included how hackers think when attacking a website, what kinds of vulnerabilities they exploit, how we can mitigate them, and the coding and product development practices to follow.
After that, equipped with all the knowledge, I started looking into the security aspect of the platform and was eventually made owner of all the features revolving around not only the security but also the reliability of the platform. This included dependency fixes, vulnerable code detection and remediation, client issues and the code base coverage.
Eventually, I started working closely with my team and started tracking and solving SCA issues for multiple applications built on Java, Python and Golang. I set up SAST Spotlight for multiple repos and worked with the team to mitigate them. I worked with the penetration testing team to identify vulnerabilities in old modules and fixed them. I reported the security status and improvements made by the platform to my manager and my Senior Vice President on a bi-weekly basis.
Overall, this was a role which required learning new things quickly but also demanded a persuasive position in the team, someone who can collaborate with team members towards a stable and secure product.