Lead Security Assessment Engineer - Nordstrom

Key Responsibilities

• Design and execute comprehensive security assessments for internal and third‑party applications, covering architecture, code, and configuration.
• Integrate AI/ML techniques to automate vulnerability detection, prioritize findings, and improve assessment scalability.
• Collaborate with development, DevOps, and product teams to define remediation plans and verify implementation of security controls.
• Develop and maintain assessment frameworks, checklists, and reporting templates aligned with industry standards (e.g., OWASP, NIST, ISO 27001).
• Mentor junior engineers and lead cross‑functional security review sessions to elevate the organization’s security posture.

Requirements

• 5+ years of hands‑on experience in application security assessments, penetration testing, or red‑team engagements.
• Proficiency with vulnerability scanning tools, static and dynamic analysis, and cloud security platforms (AWS, Azure, GCP).
• Demonstrated ability to apply AI/ML models or automation scripts to enhance security testing efficiency.
• Strong understanding of secure software development lifecycle (SDLC) and risk management frameworks.
• Excellent communication skills to convey technical findings to both technical and non‑technical stakeholders.