Job Description

The Attack Surface Analyst Sr 2 champions reduction of Nordstrom’s attack surface through continuous identification, assessment, and escalation of the highest-risk exposures, along with the actions needed to manage that risk. As a senior leader on the Attack Surface Management team, this role collaborates closely with cybersecurity and technology partner teams to prioritize risk, execute remediation activities, and automate processes that secure the technology landscape.

Key Responsibilities

Lead the growth of the attack surface management program, develop and implement solutions to improve visibility into exposures, and contribute to the design and implementation of net-new capabilities.
Continuously drive improvements in attack surface management processes, methodologies, and security toolsets to enhance operational effectiveness, automating where possible.
Maintain Cybersecurity Standards, Attack Surface Management standard operating procedures, and runbooks.
Collaborate with AppSec, DevOps, and cloud platform teams to secure deployments and integrate security best practices into the design of software and related systems, ensuring a secure-by-design approach.
Maintain a map of Nordstrom’s attack surface through collaboration with network and offensive security teams, conducting regular assessments and reconnaissance activities, and leveraging dark web monitoring resources.
Lead data-driven, risk-prioritized, enterprise-wide initiatives to reduce vulnerabilities and exposures across Nordstrom’s technologies; identify opportunities and champion architectural changes that reduce attack surface.
Develop and present metrics to measure operational efficiency and attack surface risk.
Maintain domain expertise by completing trainings, attending industry presentations, obtaining certifications, engaging with the cybersecurity community, and consuming threat intelligence sources.
Support the growth of teammates’ domain expertise through mentorship, presentations, and knowledge-sharing sessions.
Lead compliance activities for the domain, including evidence validation and submission, proactive control evaluation and mitigation of gaps, and assessments (e.g., PCI).

Qualifications

Required

6+ years in security operations, vulnerability management, or offensive security domains, including experience in a senior or lead capacity.
Deep knowledge of the MITRE ATT&CK framework, threat actor tactics, techniques, and procedures (TTPs), and common attack vectors.
Experience implementing cloud security controls in a multi-cloud environment.
Proficiency in enterprise information technology (IT) architecture principles and practices.
Knowledge of offensive security methodologies and ethical hacking principles and practices.
Deep understanding of system landscape and data flow within the domain and across adjacent domains.
Expertise in scripting languages (e.g., Python, PowerShell) for process automation.
Advanced knowledge of networking, system administration, cloud services, asset management, and cybersecurity principles.
Deep understanding of the processes and controls needed to satisfy relevant regulatory and compliance requirements (e.g., PCI) for vulnerability and attack surface management.
Strong leadership and communication skills.
Bachelor’s or Master’s degree in Information Technology, Computer Science, Cybersecurity, or a related field; equivalent experience will be considered in lieu of a degree.

Preferred

Experience developing attack surface management capabilities and coaching more junior analysts.
Expertise across cybersecurity domains including vulnerability management, cloud security, attack surface management, network security, and cyber hygiene.
Demonstrated thought leadership on the application of emerging AI technologies within cybersecurity domains.
Advanced certifications (e.g., OSCE, GREM, CISSP).

Pay Range Details

The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations. Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.

$166,000.00 - $258,000.00 Annual

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Nordstrom keeps job postings open for at least one day after the posting date.

Job Description

Key Responsibilities

Lead the growth of the attack surface management program, develop and implement solutions to improve visibility into exposures, and contribute to the design and implementation of net-new capabilities.
Continuously drive improvements in attack surface management processes, methodologies, and security toolsets to enhance operational effectiveness, automating where possible.
Maintain Cybersecurity Standards, Attack Surface Management standard operating procedures, and runbooks.
Collaborate with AppSec, DevOps, and cloud platform teams to secure deployments and integrate security best practices into the design of software and related systems, ensuring a secure-by-design approach.
Maintain a map of Nordstrom’s attack surface through collaboration with network and offensive security teams, conducting regular assessments and reconnaissance activities, and leveraging dark web monitoring resources.
Lead data-driven, risk-prioritized, enterprise-wide initiatives to reduce vulnerabilities and exposures across Nordstrom’s technologies; identify opportunities and champion architectural changes that reduce attack surface.
Develop and present metrics to measure operational efficiency and attack surface risk.
Maintain domain expertise by completing trainings, attending industry presentations, obtaining certifications, engaging with the cybersecurity community, and consuming threat intelligence sources.
Support the growth of teammates’ domain expertise through mentorship, presentations, and knowledge-sharing sessions.
Lead compliance activities for the domain, including evidence validation and submission, proactive control evaluation and mitigation of gaps, and assessments (e.g., PCI).

Qualifications

Required

6+ years in security operations, vulnerability management, or offensive security domains, including experience in a senior or lead capacity.
Deep knowledge of the MITRE ATT&CK framework, threat actor tactics, techniques, and procedures (TTPs), and common attack vectors.
Experience implementing cloud security controls in a multi-cloud environment.
Proficiency in enterprise information technology (IT) architecture principles and practices.
Knowledge of offensive security methodologies and ethical hacking principles and practices.
Deep understanding of system landscape and data flow within the domain and across adjacent domains.
Expertise in scripting languages (e.g., Python, PowerShell) for process automation.
Advanced knowledge of networking, system administration, cloud services, asset management, and cybersecurity principles.
Deep understanding of the processes and controls needed to satisfy relevant regulatory and compliance requirements (e.g., PCI) for vulnerability and attack surface management.
Strong leadership and communication skills.
Bachelor’s or Master’s degree in Information Technology, Computer Science, Cybersecurity, or a related field; equivalent experience will be considered in lieu of a degree.

Preferred

Experience developing attack surface management capabilities and coaching more junior analysts.
Expertise across cybersecurity domains including vulnerability management, cloud security, attack surface management, network security, and cyber hygiene.
Demonstrated thought leadership on the application of emerging AI technologies within cybersecurity domains.
Advanced certifications (e.g., OSCE, GREM, CISSP).

Pay Range Details

$166,000.00 - $258,000.00 Annual

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Nordstrom keeps job postings open for at least one day after the posting date.

Senior 2 Attack Surface Analyst (hybrid - Seattle)

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

Job Description

Key Responsibilities

Qualifications

Job Description

Key Responsibilities

Qualifications