Security Platform Engineer 2 (Hybrid - Seattle)

Nordstrom
Seattle, WA
$121,500 - $188,500
Hybrid

About The Position

As a Security Platform Engineer II, you will be a core technical contributor on the Security Platform Engineering team — responsible for the engineering, operations, and continuous improvement of the enterprise security platform portfolio that protects Nordstrom’s retail, e-commerce, and cloud environments. You will work across a broad portfolio of security platforms spanning endpoint protection, data security, cloud security, email security, and logging — partnering with Threat Intel & Detection Engineering, Cloud Engineering, IT, SOC, and GRC teams to maintain platform health and drive platform evolution. The ideal candidate brings hands-on security platform engineering experience, strong scripting and automation skills, and a genuine interest in building and operating reliable, scalable security systems. You thrive in cross-functional environments, take ownership of your platforms end to end, and have a bias toward automation and continuous improvement.

Requirements

  • Minimum 3 years of experience in security platform engineering, security operations, or related technical roles supporting mission-critical systems.
  • Minimum 2 years of hands-on experience with scripting or programming languages — preferably Python, Bash, or NodeJS/JavaScript.
  • Experience with enterprise security platforms across two or more of the following domains: endpoint security (EDR/XDR), data loss prevention, data encryption, email security, CSPM, or SIEM.
  • Working knowledge of security frameworks and standards including MITRE ATT&CK, NIST CSF, PCI DSS, and CIS Controls.
  • Demonstrated ability to analyse log data, security alerts, and platform telemetry; Splunk or equivalent SIEM experience required.
  • Experience developing automation tooling or contributing to CI/CD pipelines in an engineering environment.
  • Strong written and oral communication skills; ability to translate technical concepts clearly for non-technical stakeholders.
  • Advanced understanding of systems design principles, technical architecture, and a track record of platform implementation and support.

Nice To Haves

  • Hands-on experience with one or more SPE platforms: CrowdStrike Falcon, Wiz (CSPM), NewRelic, CipherTrust, Secure File Server (SFS), OnSpring, Proofpoint, Qualys, or Tanium.
  • Experience with cloud security platforms and securing hybrid environments (AWS, Azure, GCP).
  • Familiarity with infrastructure-as-code tools — Terraform, Docker, Kubernetes, or Helm.
  • Experience with identity and access management platforms — Okta, Active Directory, SAML/SSO, LDAP.
  • Understanding of retail or e-commerce security challenges including POS security, PCI DSS compliance, and hybrid store/cloud environments.
  • Experience supporting or partnering with Threat Intel & Detection Engineering, SOC or CSIRT teams in an incident response capacity.
  • Relevant industry certifications: CompTIA Security+, CISSP, CISM, AWS Security, or equivalent.
  • Background in software engineering or development; experience with DevSecOps practices.
  • Familiarity with AI-powered security tooling or experience integrating AI tools into engineering workflows.

Responsibilities

  • Provide engineering and sustainment support across the full SPE platform portfolio — including EDR, DLP, data encryption, email security, CSPM, and SIEM — ensuring platforms are highly available, performant, and cost-effective.
  • Partner with IT, infrastructure, and application teams to maintain seamless security platform integrations across Nordstrom’s hybrid on-prem, cloud, and retail store environments.
  • Monitor and maintain platform health metrics — including EDR, Qualys, and Tanium agent coverage — and contribute to Monthly Business/Program Reviews (MBR/MPR) reporting.
  • Manage security platform migrations, upgrades, and configuration changes with minimal business disruption; develop and execute detailed test plans for platform changes.
  • Participate in an on-call rotation for platform-related incidents and support Threat Intel, CSIRT/SOC teams during security events requiring platform investigation or response.
  • Design, develop, and maintain automation tooling and CI/CD pipelines that improve platform deployment, configuration management, and operational efficiency.
  • Write and maintain engineering-level documentation including architecture decisions, runbooks, deployment guides, and test plans.
  • Contribute to the development of in-house tooling using Python, Bash, and NodeJS to automate repetitive operational tasks and reduce manual toil across the platform portfolio.
  • Apply infrastructure-as-code practices (Terraform) and containerization (Docker, Kubernetes) where applicable to platform deployment and management.
  • Leverage AI tooling — including GitHub Copilot and Claude — to accelerate engineering workflows and improve team productivity.
  • Partner with Threat Intel & Detection Engineering, SOC and CSIRT teams to ensure platform configurations align with active detection and incident response requirements.
  • Collaborate with GRC teams to ensure security platforms meet compliance requirements across NIST CSF, PCI DSS, SOC 1/2, and related frameworks.
  • Communicate clearly and effectively with technical and non-technical stakeholders across engineering, IT, and business teams.
  • Mentor junior engineers in both technical skills and engineering best practices; contribute to a culture of knowledge sharing and continuous improvement.

Benefits

  • Medical/Vision
  • Dental
  • Retirement
  • Paid Time Away
  • Life Insurance
  • Disability
  • Merchandise Discount
  • EAP Resources
  • 401k
  • Holidays