Job Description

We are seeking an accomplished Principal Security Engineer to serve within Nordstrom's Cybersecurity & Privacy Organization (CPO). This role will drive the architecture, implementation, and evolution of enterprise security solutions while providing technical leadership across critical security domains. The ideal candidate will be a seasoned security practitioner with deep technical expertise, a passion for mentoring, and the ability to influence security strategy at the highest levels of the organization. The goal is to enable secure business innovation and operational stability through proactive security design and strategic risk management.

Key Responsibilities:

• Lead the design and architecture of enterprise security solutions across cloud, on-premises, and hybrid environments.
• Provide technical direction and oversight for complex security initiatives, including zero trust implementation, cloud security, and security automation programs.
• Serve as a principal technical advisor to security leadership, engineering teams, and business stakeholders on security architecture, risk management, and emerging threats.
• Drive security innovation through evaluation and integration of cutting-edge technologies, including AI/ML-based security tools and security orchestration platforms.
• Lead cross-functional security architecture reviews and threat modeling exercises for critical business systems and applications.
• Develop and maintain enterprise security standards, design patterns, and reference architectures aligned with industry best practices and regulatory requirements.
• Mentor and guide security engineers and analysts; foster a culture of technical excellence and continuous learning within the security organization.
• Collaborate with enterprise architecture, infrastructure, application development, and Dev Sec Ops teams to embed security throughout the technology lifecycle.
• Lead security incident response efforts for critical or complex security events, providing technical expertise and strategic guidance.
• Conduct advanced security research and vulnerability analysis; develop proof-of-concepts and remediation strategies for emerging threats.
• Partner with compliance, audit, and risk management teams to ensure security controls meet regulatory requirements (e.g., PCI-DSS and CCPA).
• Track and communicate security program metrics, technical roadmaps, and risk posture to executive leadership and board-level stakeholders.
• Drive automation and tooling initiatives to scale security operations, reduce manual workflows, and improve detection and response capabilities.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, Engineering, or related field; Master's degree preferred.
• 12+ years of experience in information security, with at least 5 years in a senior or principal technical leadership role.
• Deep expertise across multiple security domains: application security, cloud security, network security, identity and access management, threat detection, and incident response.
• Proven experience architecting and implementing security solutions in large-scale enterprise environments, including cloud platforms (AWS, Azure, GCP).
• Strong understanding of security frameworks and standards (NIST CSF, CIS Controls, OWASP, MITRE ATT&CK).
• Demonstrated experience with security tools and technologies: SIEM, EDR/XDR, CASB, PAM, vulnerability management, threat intelligence platforms, and security automation tools.
• Exceptional communication and stakeholder management skills with ability to influence at all organizational levels.
• Relevant certifications required (e.g., CISSP, GIAC, CCSP, OSCP, or equivalent advanced certifications).

Preferred Skills:

• Experience driving security transformations in retail, e-commerce, or other large-scale consumer-facing environments.
• Deep knowledge of Dev Sec Ops practices, security-as-code, and CI/CD security integration.
• Experience with security orchestration, automation, and response (SOAR) platforms and AI-enhanced security solutions.
• Proven track record of mentoring and developing security professionals in complex, matrixed organizations.
• Strong understanding of supply chain security, third-party risk management, and vendor security assessments.
• Ability to translate complex technical security concepts into business risk language for executive and non-technical audiences.
• Active participation in security community through speaking engagements, publications, or open-source contributions.

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

• Medical/Vision, Dental, Retirement and Paid Time Away

• Life Insurance and Disability

• Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

© 2022 Nordstrom, Inc

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Nordstrom keeps job postings open for at least one day after the posting date.

Pay Range Details

The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations.
Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.

$191,000.00 - $297,000.00 Annual

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf