Security Platform Engineer 2 (Hybrid - Seattle)

Job Description

As a Security Platform Engineer II, you will be a core technical contributor on the Security Platform Engineering team — responsible for the engineering, operations, and continuous improvement of the enterprise security platform portfolio that protects Nordstrom’s retail, e-commerce, and cloud environments. You will work across a broad portfolio of security platforms spanning endpoint protection, data security, cloud security, email security, and logging — partnering with Threat Intel & Detection Engineering, Cloud Engineering, IT, SOC, and GRC teams to maintain platform health and drive platform evolution.

The ideal candidate brings hands-on security platform engineering experience, strong scripting and automation skills, and a genuine interest in building and operating reliable, scalable security systems. You thrive in cross-functional environments, take ownership of your platforms end to end, and have a bias toward automation and continuous improvement.

Platform Engineering & Operations

• Provide engineering and sustainment support across the full SPE platform portfolio — including EDR, DLP, data encryption, email security, CSPM, and SIEM — ensuring platforms are highly available, performant, and cost-effective.
• Partner with IT, infrastructure, and application teams to maintain seamless security platform integrations across Nordstrom’s hybrid on-prem, cloud, and retail store environments.
• Monitor and maintain platform health metrics — including EDR, Qualys, and Tanium agent coverage — and contribute to Monthly Business/Program Reviews (MBR/MPR) reporting.
• Manage security platform migrations, upgrades, and configuration changes with minimal business disruption; develop and execute detailed test plans for platform changes.
• Participate in an on-call rotation for platform-related incidents and support Threat Intel, CSIRT/SOC teams during security events requiring platform investigation or response.

Engineering & Automation

• Design, develop, and maintain automation tooling and CI/CD pipelines that improve platform deployment, configuration management, and operational efficiency.
• Write and maintain engineering-level documentation including architecture decisions, runbooks, deployment guides, and test plans.
• Contribute to the development of in-house tooling using Python, Bash, and NodeJS to automate repetitive operational tasks and reduce manual toil across the platform portfolio.
• Apply infrastructure-as-code practices (Terraform) and containerization (Docker, Kubernetes) where applicable to platform deployment and management.
• Leverage AI tooling — including GitHub Copilot and Claude — to accelerate engineering workflows and improve team productivity.

Cross-functional Collaboration

• Partner with Threat Intel & Detection Engineering, SOC and CSIRT teams to ensure platform configurations align with active detection and incident response requirements.
• Collaborate with GRC teams to ensure security platforms meet compliance requirements across NIST CSF, PCI DSS, SOC 1/2, and related frameworks.
• Communicate clearly and effectively with technical and non-technical stakeholders across engineering, IT, and business teams.
• Mentor junior engineers in both technical skills and engineering best practices; contribute to a culture of knowledge sharing and continuous improvement.

• You bring hands-on experience in a large-scale security, technology, or e-commerce environment — and you understand the unique security challenges of hybrid retail environments.
• You’re a strong cross-functional collaborator who builds trust with stakeholders at all levels, from engineers to executive leadership.
• You have a bias toward automation — when you see a repetitive manual process, your instinct is to eliminate it.
• You take ownership end to end: you don’t consider a platform ‘done’ when it’s deployed; you care about its ongoing health, coverage, and evolution.
• You’re comfortable with ambiguity and can prioritize effectively in a fast-paced environment with multiple competing demands.
• You’re genuinely interested in mentoring others and investing in the growth of the engineers around you.
• You bring an AI-first mindset — you actively look for opportunities to integrate AI tools into your engineering workflow.

• Minimum 3 years of experience in security platform engineering, security operations, or related technical roles supporting mission-critical systems.
• Minimum 2 years of hands-on experience with scripting or programming languages — preferably Python, Bash, or NodeJS/JavaScript.
• Experience with enterprise security platforms across two or more of the following domains: endpoint security (EDR/XDR), data loss prevention, data encryption, email security, CSPM, or SIEM.
• Working knowledge of security frameworks and standards including MITRE ATT&CK, NIST CSF, PCI DSS, and CIS Controls.
• Demonstrated ability to analyse log data, security alerts, and platform telemetry; Splunk or equivalent SIEM experience required.
• Experience developing automation tooling or contributing to CI/CD pipelines in an engineering environment.
• Strong written and oral communication skills; ability to translate technical concepts clearly for non-technical stakeholders.
• Advanced understanding of systems design principles, technical architecture, and a track record of platform implementation and support.

• Hands-on experience with one or more SPE platforms: CrowdStrike Falcon, Wiz (CSPM), NewRelic, CipherTrust, Secure File Server (SFS), OnSpring, Proofpoint, Qualys, or Tanium.
• Experience with cloud security platforms and securing hybrid environments (AWS, Azure, GCP).
• Familiarity with infrastructure-as-code tools — Terraform, Docker, Kubernetes, or Helm.
• Experience with identity and access management platforms — Okta, Active Directory, SAML/SSO, LDAP.
• Understanding of retail or e-commerce security challenges including POS security, PCI DSS compliance, and hybrid store/cloud environments.
• Experience supporting or partnering with Threat Intel & Detection Engineering, SOC or CSIRT teams in an incident response capacity.
• Relevant industry certifications: CompTIA Security+, CISSP, CISM, AWS Security, or equivalent.
• Background in software engineering or development; experience with DevSecOps practices.
• Familiarity with AI-powered security tooling or experience integrating AI tools into engineering workflows.

• Work on a platform portfolio that directly protects one of North America’s leading retail and e-commerce organizations — at enterprise scale across 40,000+ endpoints.
• Join a team that actively invests in your growth — through mentorship, development planning, and access to emerging technologies including AI tooling.
• Operate at the intersection of security engineering and business impact — your work has direct, visible effect on Nordstrom’s security posture and compliance standing.
• Be part of a collaborative, inclusive team that values engineering quality, continuous improvement, and an AI-first approach to solving security challenges.
• Competitive compensation, benefits, and employee merchandise discount.

Pay Range Details

The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations. 
Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.

$121,500.00 - $188,500.00 Annual

 

 

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

• Medical/Vision, Dental, Retirement and Paid Time Away
• Life Insurance and Disability
• Merchandise Discount and EAP Resources

   

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_16.pdf

 

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

For Los Angeles or San Francisco applicants: Nordstrom is required to inform you that we conduct background checks after conditional offer and consider qualified applicants with criminal histories in a manner consistent with legal requirements per Los Angeles, Cal. Muni. Code 189.04 and the San Francisco Fair Chance Ordinance. For additional state and location specific notices, please refer to the Legal Notices document within the FAQ section of the Nordstrom Careers site.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com. 

Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s for relevant information and guidelines.

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

 

Nordstrom keeps job postings open for at least one day after the posting date.

 

© 2026 Nordstrom, Inc