What you'd actually do

Define and evangelize the long-term platform security vision aligned with enterprise technology strategy and business objectives

Architect enterprise-wide security solutions for emerging and disruptive technologies (genAI, edge computing, decentralized systems)

Develop comprehensive reference architectures and security patterns that become organizational standards across all technology domains

Quantify and communicate platform security investments in terms of business risk reduction, revenue protection, and competitive advantage

Mentor Principal Engineers, Architects, and senior technical leaders across cybersecurity and technology organizations

Skills

Required

12+ years in cybersecurity with 5+ years leading enterprise-level security architecture initiatives
Demonstrated track record of defining security strategy that influenced organizational direction at Fortune 500 or equivalent scale
Proven ability to drive consensus and adoption of security standards across diverse technical and business stakeholders
History of mentoring senior technical talent and elevating organizational security capabilities
Enterprise security architecture frameworks (SABSA, O-ESA, TOGAF)
Advanced threat modeling and risk quantification methodologies
Zero Trust architecture at enterprise scale
Security for AI/ML
DevSecOps and platform engineering security patterns
Enterprise SIEM/SOAR/XDR platforms and custom security automation at scale
Multi-cloud security architecture (AWS, Azure, GCP) with hybrid considerations
Container orchestration security (Kubernetes, service mesh, serverless)
AI/ML platforms, LLMs, and emerging technology stacks
Infrastructure as Code security (Terraform, CloudFormation, security policy as code)
Python, Go, Java for security automation and tooling
Security domain-specific languages and frameworks

Nice to have

Published thought leadership (patents, peer-reviewed publications, industry presentations) in platform security
Experience advising C-suite or Board of Directors on technology security strategy
Track record of influencing industry standards or vendor security capabilities
Experience in regulated retail, financial services, or similarly complex enterprise environments
Bachelor's Degree in Information Technology, Computer Science, Cybersecurity or related field; Master's Degree strongly preferred

Job Description

Role Summary

Visionary enterprise security leader defining organizational direction and industry-leading practices for platform security across Nordstrom's technology ecosystem. Establishes foundational security principles, strategic roadmaps, and governance frameworks that shape how Nordstrom secures platforms at scale, including emerging technologies, multi-cloud environments, and next-generation computing paradigms. Serves as the organization's foremost authority on platform security architecture with influence extending across technology and business leadership.

Key Responsibilities:

Strategic Leadership & Vision

Define and evangelize the long-term platform security vision aligned with enterprise technology strategy and business objectives
Establish organization-wide platform security principles, standards, and governance frameworks that influence technology decisions at the highest levels
Drive Executive level platform security strategy discussions, translating complex technical security concepts into business risk and opportunity
Lead cross-functional security transformation initiatives that fundamentally reshape how Nordstrom approaches platform security

Enterprise Architecture & Innovation

Architect enterprise-wide security solutions for emerging and disruptive technologies (genAI, edge computing, decentralized systems)
Develop comprehensive reference architectures and security patterns that become organizational standards across all technology domains
Pioneer innovative security approaches that position Nordstrom as an industry leader in platform security practices
Influence vendor roadmaps and industry standards through thought leadership and strategic partnerships

Risk & Business Impact

Quantify and communicate platform security investments in terms of business risk reduction, revenue protection, and competitive advantage
Develop sophisticated security measurement frameworks that demonstrate clear ROI and business value to executive leadership
Lead security risk modeling for enterprise-critical platform decisions with multi-million dollar business implications
Balance security requirements with business velocity, establishing practical risk-based approaches for the organization

Organization & Talent Development

Mentor Principal Engineers, Architects, and senior technical leaders across cybersecurity and technology organizations
Build and elevate platform security engineering capability across Nordstrom through advisory, coaching, and knowledge sharing
Represent Nordstrom externally through speaking engagements, publications, and industry collaboration
Influence hiring strategies and organizational design for platform security capabilities

Example Projects or Deliverables

Enterprise security architecture strategy for quantum-ready cryptographic transitions across all platforms
Organization-wide security frameworks for responsible AI deployment with integrated risk management
Multi-year platform security roadmap with business case justification
Industry-recognized thought leadership (conference presentations, whitepapers, patents) on emerging platform security challenges
Cross-industry collaboration initiatives establishing platform security standards or best practices

Required Qualifications

12+ years in cybersecurity with 5+ years leading enterprise-level security architecture initiatives
Demonstrated track record of defining security strategy that influenced organizational direction at Fortune 500 or equivalent scale
Proven ability to drive consensus and adoption of security standards across diverse technical and business stakeholders
History of mentoring senior technical talent and elevating organizational security capabilities
Bachelor's Degree in Information Technology, Computer Science, Cybersecurity or related field; Master's Degree strongly preferred

Preferred Qualifications

Published thought leadership (patents, peer-reviewed publications, industry presentations) in platform security
Experience advising C-suite or Board of Directors on technology security strategy
Track record of influencing industry standards or vendor security capabilities
Experience in regulated retail, financial services, or similarly complex enterprise environments

Technical Expertise:

Strategic Technologies

Enterprise security architecture frameworks (SABSA, O-ESA, TOGAF)
Advanced threat modeling and risk quantification methodologies
Zero Trust architecture at enterprise scale
Security for AI/ML
DevSecOps and platform engineering security patterns

Platforms & Tools

Enterprise SIEM/SOAR/XDR platforms and custom security automation at scale
Multi-cloud security architecture (AWS, Azure, GCP) with hybrid considerations
Container orchestration security (Kubernetes, service mesh, serverless)
AI/ML platforms, LLMs, and emerging technology stacks
Infrastructure as Code security (Terraform, CloudFormation, security policy as code)

Languages & Automation

Python, Go, Java for security automation and tooling
Security domain-specific languages and frameworks

Leadership Competencies:

**Core Leadership Skills **

Strategic Mindset – Defines multi-year vision with organizational impact
Drives Vision – Inspires adoption of security principles across the enterprise
Decision Quality – Makes high-stakes architectural decisions with incomplete information
Influences & Communicates – Shapes thinking of senior leadership and technical experts alike
Builds Trust – Establishes credibility as the organization's platform security authority

Organizational Impact

Develops People – Elevates capability of senior technical staff and future leaders
Builds Teams – Fosters collaboration across organizational boundaries
Manages Complexity – Navigates ambiguous, cross-functional security challenges
Drives Results – Delivers transformational security outcomes with measurable business impact
Has Courage – Makes principled security recommendations even when facing organizational resistance

Personal Excellence

Customer Focus – Balances security requirements with business enablement
Self-Development – Maintains cutting-edge expertise in rapidly evolving security domain
Communicates Effectively – Adapts messaging for technical and executive audiences with equal fluency

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Nordstrom keeps job postings open for at least one day after the posting date.

Pay Range Details

The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations. Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.

$200,500.00 - $332,000.00 Annual

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_20-21.pdf

Job Description

Role Summary

Key Responsibilities:

Strategic Leadership & Vision

Define and evangelize the long-term platform security vision aligned with enterprise technology strategy and business objectives
Establish organization-wide platform security principles, standards, and governance frameworks that influence technology decisions at the highest levels
Drive Executive level platform security strategy discussions, translating complex technical security concepts into business risk and opportunity
Lead cross-functional security transformation initiatives that fundamentally reshape how Nordstrom approaches platform security

Enterprise Architecture & Innovation

Architect enterprise-wide security solutions for emerging and disruptive technologies (genAI, edge computing, decentralized systems)
Develop comprehensive reference architectures and security patterns that become organizational standards across all technology domains
Pioneer innovative security approaches that position Nordstrom as an industry leader in platform security practices
Influence vendor roadmaps and industry standards through thought leadership and strategic partnerships

Risk & Business Impact

Quantify and communicate platform security investments in terms of business risk reduction, revenue protection, and competitive advantage
Develop sophisticated security measurement frameworks that demonstrate clear ROI and business value to executive leadership
Lead security risk modeling for enterprise-critical platform decisions with multi-million dollar business implications
Balance security requirements with business velocity, establishing practical risk-based approaches for the organization

Organization & Talent Development

Mentor Principal Engineers, Architects, and senior technical leaders across cybersecurity and technology organizations
Build and elevate platform security engineering capability across Nordstrom through advisory, coaching, and knowledge sharing
Represent Nordstrom externally through speaking engagements, publications, and industry collaboration
Influence hiring strategies and organizational design for platform security capabilities

Example Projects or Deliverables

Enterprise security architecture strategy for quantum-ready cryptographic transitions across all platforms
Organization-wide security frameworks for responsible AI deployment with integrated risk management
Multi-year platform security roadmap with business case justification
Industry-recognized thought leadership (conference presentations, whitepapers, patents) on emerging platform security challenges
Cross-industry collaboration initiatives establishing platform security standards or best practices

Required Qualifications

12+ years in cybersecurity with 5+ years leading enterprise-level security architecture initiatives
Demonstrated track record of defining security strategy that influenced organizational direction at Fortune 500 or equivalent scale
Proven ability to drive consensus and adoption of security standards across diverse technical and business stakeholders
History of mentoring senior technical talent and elevating organizational security capabilities
Bachelor's Degree in Information Technology, Computer Science, Cybersecurity or related field; Master's Degree strongly preferred

Preferred Qualifications

Published thought leadership (patents, peer-reviewed publications, industry presentations) in platform security
Experience advising C-suite or Board of Directors on technology security strategy
Track record of influencing industry standards or vendor security capabilities
Experience in regulated retail, financial services, or similarly complex enterprise environments

Technical Expertise:

Strategic Technologies

Enterprise security architecture frameworks (SABSA, O-ESA, TOGAF)
Advanced threat modeling and risk quantification methodologies
Zero Trust architecture at enterprise scale
Security for AI/ML
DevSecOps and platform engineering security patterns

Platforms & Tools

Enterprise SIEM/SOAR/XDR platforms and custom security automation at scale
Multi-cloud security architecture (AWS, Azure, GCP) with hybrid considerations
Container orchestration security (Kubernetes, service mesh, serverless)
AI/ML platforms, LLMs, and emerging technology stacks
Infrastructure as Code security (Terraform, CloudFormation, security policy as code)

Languages & Automation

Python, Go, Java for security automation and tooling
Security domain-specific languages and frameworks

Leadership Competencies:

**Core Leadership Skills **

Strategic Mindset – Defines multi-year vision with organizational impact
Drives Vision – Inspires adoption of security principles across the enterprise
Decision Quality – Makes high-stakes architectural decisions with incomplete information
Influences & Communicates – Shapes thinking of senior leadership and technical experts alike
Builds Trust – Establishes credibility as the organization's platform security authority

Organizational Impact

Develops People – Elevates capability of senior technical staff and future leaders
Builds Teams – Fosters collaboration across organizational boundaries
Manages Complexity – Navigates ambiguous, cross-functional security challenges
Drives Results – Delivers transformational security outcomes with measurable business impact
Has Courage – Makes principled security recommendations even when facing organizational resistance

Personal Excellence

Customer Focus – Balances security requirements with business enablement
Self-Development – Maintains cutting-edge expertise in rapidly evolving security domain
Communicates Effectively – Adapts messaging for technical and executive audiences with equal fluency

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Nordstrom keeps job postings open for at least one day after the posting date.

Pay Range Details

$200,500.00 - $332,000.00 Annual

Senior Principal Engineer - Cybersecurity (hybrid - Seattle)

What you'd actually do

Skills

Required

Nice to have

What the JD emphasized

Job Description

Job Description