Senior 2 Attack Surface Analyst (Hybrid - Seattle)

Nordstrom

Hybrid

Quick summary

Work type
Hybrid
Location
Seattle, WA
Salary
$166,000–$258,000 / yr
Posted
7 days ago
Nearby
99+ roles within 25 mi

Market check

Salary context

Above market

How this pay compares to similar roles

Similar $172k
This role $212k
$121k most similar roles pay here $273k

This role pays more than 79% of similar roles. Most pay $142,400–$202,000 — the shaded band above. At the midpoint, this role pays about $212k versus about $172k for comparable roles.

Based on 239 similar postings.

Employer

About Nordstrom

Nordstrom is a leading American luxury department store chain offering a wide selection of clothing, shoes, accessories, and beauty products through its stores, Nordstrom Rack outlets, and online. Industry: Luxury Department Store Retail

Nordstrom currently has 33 open roles on FindRole.

Listed pay typically runs $142,000–$220,500 across 33 roles with salary data.

Most-posted roles

View all roles at Nordstrom

At a glance

TL;DR · Senior 2 Attack Surface Analyst (Hybrid - Seattle)

Apply Now Log in to save

As a Senior Attack Surface Analyst at Nordstrom, you will lead the expansion of the attack surface management program within a dynamic cybersecurity team. Your daily responsibilities include identifying and assessing high-risk exposures, collaborating with technology partners to prioritize risk and execute remediation activities, and automating processes to enhance security. You will maintain Cybersecurity Standards and runbooks while ensuring secure-by-design practices are integrated into software development through collaboration with AppSec and DevOps teams. Utilizing scripting languages like Python and PowerShell for automation, you will leverage your deep knowledge of the MITRE ATT&CK framework and cloud security controls in a multi-cloud environment to drive data-driven initiatives that reduce vulnerabilities across Nordstrom’s technology landscape. This role demands expertise in networking, system administration, and compliance with regulatory requirements such as PCI, alongside strong leadership and communication skills to mentor team members and present metrics for operational efficiency.

Skills

Python PowerShell MITRE ATT&CK PCI AWS Azure GCP Terraform Kubernetes Docker CI/CD Prometheus Grafana PostgreSQL MSSQL Linux Windows Server Network Security System Administration Asset Management

What you'll do

  • Lead growth and implementation of attack surface management solutions to enhance visibility into exposures.
  • Drive continuous improvements in processes, methodologies, and security toolsets for operational effectiveness.
  • Maintain cybersecurity standards and runbooks for attack surface management.
  • Secure deployments by integrating security best practices with AppSec, DevOps, and cloud platform teams.
  • Conduct regular assessments and leverage dark web monitoring to maintain a map of Nordstrom’s attack surface.
  • Champion architectural changes that reduce vulnerabilities and exposures across technologies.
  • Develop metrics to measure operational efficiency and risk in attack surface management.

What we're looking for

  • 6+ years experience in security operations or offensive security roles, including senior-level responsibilities.
  • Deep knowledge of MITRE ATT&CK framework and threat actor tactics, techniques, and procedures (TTPs).
  • Expertise in implementing cloud security controls across multi-cloud environments.
  • Proficiency in enterprise IT architecture principles and scripting languages for automation.
  • Advanced understanding of networking, system administration, asset management, and cybersecurity principles.
  • Strong leadership skills and ability to communicate effectively with technical teams.

Related searches

More Senior 2 Attack Surface Analyst jobs Senior 2 Attack Surface Analyst jobs in Seattle All jobs at Nordstrom

More like this

Similar roles

Sr Analyst, Penetration Testing

McDonald’s Corporation

Chicago, Illinois 7 days ago $138,207$172,758
Python PowerShell Go C C++ MITRE ATT&CK TCP/UDP SSL/TLS HTTP/S REST/SOAP APIs Windows Active Directory Linux OSCP OSCE OSEP OSWE GWAPT GPEN GXPN GRTP CRTO PNPT EDR SIEM Email Gateway SOAR
Save

Senior Security Engineer, Cyber Defense Platforms

State Street

Boston, MA 9 days ago $90,000$157,500
Endpoint hardening CIS benchmarks Zero Trust EDR Application control Configuration management Execution control mechanisms Network Security (NetSec) Data Security (DataSec) CI/CD Security architecture documentation Large scale multi-region environments Regulated enterprise environments Hybrid work model
Hybrid
Save

Sr Analyst, Cyber Defense

McDonald’s Corporation

Chicago, Illinois 42 days ago $127,332$159,165
SIEM EDR Python Autopsy Velociraptor Ghidra NIST Cybersecurity Framework Cyber Kill Chain SOAR Linux Windows MacOS CI/CD eDiscovery Forensics
Save

Senior Offensive Security Engineer

Chime

San Francisco, CA 14 days ago $250,000$250,000
Kubernetes Python Go Docker CI/CD AWS Azure GCP PostgreSQL Linux Git GitHub Jenkins Splunk Terraform Ansible Nmap Metasploit Wireshark OWASP Top Ten
Hybrid
Save