Job Information
Nordstrom Sr. Security Engineer (Hybrid - located in Seattle, WA) in Seattle, Washington
Job Description
Nordstrom’s Computer Security & Incident Response Team (CSIRT) is a diverse team of security professionals that delivers a broad range of incident response services to monitor, identify, and respond to security events in an enterprise environment to protect Nordstrom’s customers, our employees, and our brands.
About the Role
As a CSIRT Senior Engineer, you will apply your security knowledge, technical expertise and communication skills to provide expert analysis, leadership, and guidance during incident response investigations. You will embrace new challenges with a positive attitude, identify and proactively resolve security issues with confidence, and display a curious mindset while learning new technologies or techniques. In addition to performing incident response, you will help to grow and improve Nordstrom’s security posture via cross-team collaboration.
To be successful in this position, you must be proficient with:
Incident Response – You are highly effective at triaging and managing workstreams while working toward incident remediation.
Leadership – You can function as a lead investigator and facilitate response involving multiple stakeholders under pressure while mentoring team members on nuances of incident response.
Offensive Techniques – You are very familiar with the MITRE ATT&CK framework and real-world scenarios and use those inputs to effectively prioritize initiatives and remediations in the Nordstrom environment.
Logs – You are comfortable in analyzing logs from SIEMs and other sources to identify anomalous activity, recreate incidents, correlate events, and hunt for threats.
System Forensics – You have a deep understanding of image acquisition techniques, memory, host, file and browser forensics and familiarity mentoring junior engineers on those techniques.
Digital Fraud – You are familiar with common TTPs threat actors leverage.
Networking and Identity Fundamentals – You understand TCP/IP Protocols, SSL/TLS, authentication protocols such as SAML andOAuth, and network analysis tools such as Wireshark or TCPDump, and leveraging those skills to further the incident response.
Automation – You are very capable of developing and/or modifying scripts to automate repetitive tasks and/or improve detection and response capabilities.
Mentorship – You have experience and are comfortable developing other security engineers or analysts to produce positive outcomes and increase team capabilities.
Security Strategy – You know how to develop or improve upon Security and Engineering standards, provide recruitment and retention recommendations, and drive improvements within the engineering community.
Minimum Qualifications
Bachelor’s degree or equivalent experience
4+ years of IT experience, primarily focused on security and incident response activities
At least one industry certification such as CISSP, CISA, CEH, GSEC, GCFE
Strong ability to write scripts/code using Python, Bash, PowerShell, or equivalent
Advanced knowledge of digital forensics including memory and dead-disk examinations of Windows, macOS, and Linux systems
Proven ability to establish and foster close working relationships with partner teams, to include coordinating with other members of Information Technology to plan for future security requirements
Advanced knowledge of security best practices and technologies with an emphasis on current technologies and threats
Strong experience fostering the growth of team members by providing training, guidance, and mentorship to less experienced engineers
Demonstrated experience deploying, configuring, and/or monitoring cloud security tools
Experience working in an environment that is certified and compliant with a globally recognized Security Framework / Information Security Management System (NIST SP 800-53, ISO27001, HIPAA, SOX, PCI)
Expert written and verbal communications skills to include presenting to various levels of business and technical leadership.
Advanced ability to successfully prioritize, execute, and deliver independently with minimal supervision
Strong understanding of the chain of custody process as well as proper physical and digital evidence storage
Proven ability to maintain confidentiality and work under short deadlines in stressful situations
Strong attention to detail
In addition, a minimum of one (1) year of specialized experience in one or more of the following areas is required:
Security Assessment or Offensive Security
Application security, cloud security, or network security
Creating and implementing sophisticated SIEM detections
Desired Qualifications
Advanced understanding of cloud security
Ability to reverse engineer malware
Experience conducting container forensics
Digital forensics certifications
Splunk certifications
We’ve got you covered…
Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:
Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources
A few more important points...
The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.
Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.
Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com .
© 2022 Nordstrom, Inc
Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.
Pay Range Details
The pay range(s) below are provided in compliance with state specific laws. Pay ranges may be different in other locations.
Washington: $142,000 - $220,500 annually (depending on experience)
This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf
About Us
We’re a fast-moving fashion company that started as a shoe store in 1901. This heritage of service is the foundation we’re building on as we provide convenience and true connection for our customers. We empower our people to be innovative, creative and focused on providing the best service to our customers. Through it all, we remain committed to leaving the world better than we found it.
Whether you’re a genius engineer, a phenomenal salesperson or a supply chain pro, we invite you to bring your unique talents and join our team. We reward great work, promote from within and celebrate diversity.
CUSTOMER OBSESSEDWe strive to know our customers better than anyone else. We listen, anticipate, build trust and move with speed to deliver on their needs.
OWNERS AT HEARTWe treat every interaction as an opportunity to make an impact and deliver excellence.
CURIOUS AND EVER CHANGINGWe approach problems with curiosity and create solutions. We unlock potential to be bold, think big and inspire innovation.
HERE TO WINWe’re committed to delivering results, both today and tomorrow. We win as a team by supporting and challenging one another to be better every day.
WE EXTEND OURSELVESWe treat each other with respect and kindness. We do the small things that make a big difference. We create a welcoming environment, helping people feel connected, valued and part of one community.
Come on! Join us!