Job Information
Nordstrom Security Engineer 2, Attack Surface Management (Hybrid - Seattle, WA) in Seattle, Washington
Job Description
Nordstrom’s Attack Surface Management team works to improve the security posture of Nordstrom by identifying, assessing, and reporting on vulnerabilities as well as participating in the triage process for critical response activities. In this role, you will have the opportunity to support Nordstrom and its customers by empowering Engineering teams with the information necessary to understand and remediate findings, helping facilitate compliance with regulatory requirements, and bringing visibility and actionable information to a dynamic threat environment.
A day in the life…
· Collaborate with security partners, engineering peers, technical teams, management, and other stakeholders on vulnerability scanning, analysis, prioritization, and triage activities.
· Identify and track the status of vulnerability remediation efforts, by analyzing findings, impact, and likelihood of attack.
· Participate in the care, feeding, and growth of a vulnerability tooling and reporting ecosystem by developing integrations and customizations.
· Assist with the triage of critical vulnerability findings alongside partner teams and stakeholders.
· Research vulnerabilities and provide technical remediation guidance to teams, ensuring adherence to standards and compliance with regulations.
· Evaluate potential false positives and other exception scenarios.
· Stay up to date with the latest vulnerability intel on zero-day exploits, ensuring successful remediation of time-sensitive vulnerabilities.
· Support a team rotation to respond to new requests and questions from remediation teams.
· Support regulatory- and compliance-related activities, including scanning and reporting for PCI and SOC2, identity and access management, internal security standards, and secure architecture.
· Craft communications, reports, and dashboards for vulnerabilities, risks, and recommended mitigation strategies.
You own this if you have…
· 4+ years of industry experience in cyber security or related field
· A bachelor’s or master’s degree in related discipline, or equivalent working experience
· Experience with network, cloud and application vulnerability identification solutions, ex: Qualys, Rapid7, WhiteHat, Netsparker, Snyk, Amazon Inspector, Prisma Cloud
· A curious mindset for learning and willingness to identify and implement improvements
· Excellent communication skills and ability to influence outcomes
· Working knowledge of regulatory and compliance requirements, ex: PCI DSS
· Experience with risk assessment methodologies, vulnerability attack methods, exploit results, attack chains, and standard scoring models such as CVSS
· Familiarity with cloud computing technologies and platforms, ex: containerization, Amazon Web Services, Google Cloud Provider, Azure
· Exposure to application security controls pertaining to CI/CD pipeline, ex: dependency scanning, source code scanning
· Background in software development, system administration, and / or process automation using Python, PowerShell, Bash
We’ve got you covered…
Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:
Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources
A few more important points...
The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.
Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.
Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.
© 2022 Nordstrom, Inc
Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.
Pay Range Details
The pay range(s) below are provided in compliance with state specific laws. Pay ranges may be different in other locations.
Washington: $121,500-$188,500 annually
This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_16.pdf
About Us
We’re a fast-moving fashion company that started as a shoe store in 1901. This heritage of service is the foundation we’re building on as we provide convenience and true connection for our customers. We empower our people to be innovative, creative and focused on providing the best service to our customers. Through it all, we remain committed to leaving the world better than we found it.
Whether you’re a genius engineer, a phenomenal salesperson or a supply chain pro, we invite you to bring your unique talents and join our team. We reward great work, promote from within and celebrate diversity.
CUSTOMER OBSESSED
We strive to know our customers better than anyone else. We listen, anticipate, build trust and move with speed to deliver on their needs.
OWNERS AT HEART
We treat every interaction as an opportunity to make an impact and deliver excellence.
CURIOUS AND EVER CHANGING
We approach problems with curiosity and create solutions. We unlock potential to be bold, think big and inspire innovation.
HERE TO WIN
We’re committed to delivering results, both today and tomorrow. We win as a team by supporting and challenging one another to be better every day.
WE EXTEND OURSELVES
We treat each other with respect and kindness. We do the small things that make a big difference. We create a welcoming environment, helping people feel connected, valued and part of one community.
Come on! Join us!