Jobs · Engineering · Washington

Security Platform Engineer 2 (Hybrid - Seattle)

Nordstrom · Seattle, WA · 2 wk ago
HybridEngineeringFull-time

Platform Engineering & Operations

  • Provide engineering and sustainment support across the full SPE platform portfolio — including EDR, DLP, data encryption, email security, CSPM, and SIEM — ensuring platforms are highly available, performant, and cost-effective.
  • Partner with IT, infrastructure, and application teams to maintain seamless security platform integrations across Nordstrom’s hybrid on-prem, cloud, and retail store environments.
  • Maintain platform health metrics — including EDR, Qualys, and Tanium agent coverage — and contribute to Monthly Business/Program Reviews (MBR/MPR) reporting.
  • Manage security platform migrations, upgrades, and configuration changes with minimal business disruption; develop and execute detailed test plans for platform changes.
  • Participate in an on-call rotation for platform-related incidents and support Threat Intel, CSIRT/SOC teams during security events requiring platform investigation or response.

Engineering & Automation

  • Design, develop, and maintain automation tooling and CI/CD pipelines that improve platform deployment, configuration management, and operational efficiency.
  • Write and maintain engineering-level documentation including architecture decisions, runbooks, deployment guides, and test plans.
  • Contribute to the development of in-house tooling using Python, Bash, and NodeJS to automate repetitive operational tasks and reduce manual toil across the platform portfolio.
  • Leverage infrastructure-as-code practices (Terraform) and containerization (Docker, Kubernetes) where applicable to platform deployment and management.
  • Apply AI tooling — including GitHub Copilot and Claude — to accelerate engineering workflows and improve team productivity.

Cross-functional Collaboration

  • Partner with Threat Intel & Detection Engineering, SOC and CSIRT teams to ensure platform configurations align with active detection and incident response requirements.
  • Collaborate with GRC teams to ensure security platforms meet compliance requirements across NIST CSF, PCI DSS, SOC 1/2, and related frameworks.
  • Communicate clearly and effectively with technical and non-technical stakeholders across engineering, IT, and business teams.
  • Mentor junior engineers in both technical skills and engineering best practices; contribute to a culture of knowledge sharing and continuous improvement.

About You

  • You bring hands-on experience in a large-scale security, technology, or e-commerce environment — and you understand the unique security challenges of hybrid retail environments.
  • You’re a strong cross-functional collaborator who builds trust with stakeholders at all levels, from engineers to executive leadership.
  • You have a bias toward automation — when you see a repetitive manual process, your instinct is to eliminate it.
  • You take ownership end to end: you don’t consider a platform ‘done’ when it’s deployed; you care about its ongoing health, coverage, and evolution.
  • You’re comfortable with ambiguity and can prioritize effectively in a fast-paced environment with multiple competing demands.
  • You’re genuinely interested in mentoring others and investing in the growth of the engineers around you.
  • You bring an AI-first mindset — you actively look for opportunities to integrate AI tools into your engineering workflow.

Required Qualifications

  • Minimum 3 years of experience in security platform engineering, security operations, or related technical roles supporting mission-critical systems.
  • Minimum 2 years of hands-on experience with scripting or programming languages — preferably Python, Bash, or NodeJS/JavaScript.
  • Experience with enterprise security platforms across two or more of the following domains: endpoint security (EDR/XDR), data loss prevention, data encryption, email security, CSPM, or SIEM.
  • Working knowledge of security frameworks and standards including MITRE ATT&CK, NIST CSF, PCI DSS, and CIS Controls.
  • Demonstrated ability to analyse log data, security alerts, and platform telemetry; Splunk or equivalent SIEM experience required.
  • Experience developing automation tooling or contributing to CI/CD pipelines in an engineering environment.
  • Strong written and oral communication skills; ability to translate technical concepts clearly for non-technical stakeholders.
  • Advanced understanding of systems design principles, technical architecture, and a track record of platform implementation and support.

Preferred Qualifications

  • Hands-on experience with one or more SPE platforms: CrowdStrike Falcon, Wiz (CSPM), NewRelic, CipherTrust, Secure File Server (SFS), OnSpring, Proofpoint, Qualys, or Tanium.
  • Experience with cloud security platforms and securing hybrid environments (AWS, Azure, GCP).
  • Familiarity with infrastructure-as-code tools — Terraform, Docker, Kubernetes, or Helm.
  • Experience with identity and access management platforms — Okta, Active Directory, SAML/SSO, LDAP.
  • Understanding of retail or e-commerce security challenges including POS security, PCI DSS compliance, and hybrid store/cloud environments.
  • Experience supporting or partnering with Threat Intel & Detection Engineering, SOC or CSIRT teams in an incident response capacity.
  • Relevant industry certifications: CompTIA Security+, CISSP, CISM, AWS Security, or equivalent.
  • Background in software engineering or development; experience with DevSecOps practices.
  • Familiarity with AI-powered security tooling or experience integrating AI tools into engineering workflows.

Similar jobs