Senior 2 Attack Surface Analyst (Hybrid - Seattle)

About The Position

Requirements

• 6+ years in security operations, vulnerability management, or offensive security domains, including experience in a senior or lead capacity.
• Deep knowledge of the MITRE ATT&CK framework, threat actor tactics, techniques, and procedures (TTPs), and common attack vectors.
• Experience implementing cloud security controls in a multi-cloud environment.
• Proficiency in enterprise information technology (IT) architecture principles and practices.
• Knowledge of offensive security methodologies and ethical hacking principles and practices.
• Deep understanding of system landscape and data flow within the domain and across adjacent domains.
• Expertise in scripting languages (e.g., Python, PowerShell) for process automation.
• Advanced knowledge of networking, system administration, cloud services, asset management, and cybersecurity principles.
• Deep understanding of the processes and controls needed to satisfy relevant regulatory and compliance requirements (e.g., PCI) for vulnerability and attack surface management.
• Strong leadership and communication skills.
• Bachelor’s or Master’s degree in Information Technology, Computer Science, Cybersecurity, or a related field; equivalent experience will be considered in lieu of a degree.

Nice To Haves

• Experience developing attack surface management capabilities and coaching more junior analysts.
• Expertise across cybersecurity domains including vulnerability management, cloud security, attack surface management, network security, and cyber hygiene.
• Demonstrated thought leadership on the application of emerging AI technologies within cybersecurity domains.
• Advanced certifications (e.g., OSCE, GREM, CISSP).

Responsibilities

• Lead the growth of the attack surface management program, develop and implement solutions to improve visibility into exposures, and contribute to the design and implementation of net-new capabilities.
• Continuously drive improvements in attack surface management processes, methodologies, and security toolsets to enhance operational effectiveness, automating where possible.
• Maintain Cybersecurity Standards, Attack Surface Management standard operating procedures, and runbooks.
• Collaborate with AppSec, DevOps, and cloud platform teams to secure deployments and integrate security best practices into the design of software and related systems, ensuring a secure-by-design approach.
• Maintain a map of Nordstrom’s attack surface through collaboration with network and offensive security teams, conducting regular assessments and reconnaissance activities, and leveraging dark web monitoring resources.
• Lead data-driven, risk-prioritized, enterprise-wide initiatives to reduce vulnerabilities and exposures across Nordstrom’s technologies; identify opportunities and champion architectural changes that reduce attack surface.
• Develop and present metrics to measure operational efficiency and attack surface risk.
• Maintain domain expertise by completing trainings, attending industry presentations, obtaining certifications, engaging with the cybersecurity community, and consuming threat intelligence sources.
• Support the growth of teammates’ domain expertise through mentorship, presentations, and knowledge-sharing sessions.
• Lead compliance activities for the domain, including evidence validation and submission, proactive control evaluation and mitigation of gaps, and assessments (e.g., PCI).

Benefits

• Medical/Vision
• Dental
• Retirement
• Paid Time Away
• Life Insurance
• Disability
• Merchandise Discount
• EAP Resources
• 401k
• Holidays