onsite

Senior Application Security Engineer - Nordstrom

Security Engineer

Lead the creation of secure‑by‑default patterns, tooling, and automation for web, mobile, and API platforms, partnering with engineering and DevOps to embed security throughout the development lifecycle.

About the role

Key Responsibilities

Design and implement secure‑by‑default frameworks, libraries, and CI/CD integrations for web, mobile, and API services.
Develop automated security tooling (static analysis, dependency scanning, runtime protection) and define paved‑road standards for engineering teams.
Collaborate with product, DevOps, and security peers to embed threat modeling, risk assessment, and remediation guidance early in the development process.
Conduct deep‑dive security reviews and code audits for high‑risk applications where automated tools fall short.
Mentor engineers on secure coding practices, provide security training, and champion a culture of continuous security improvement.

Requirements

5+ years of hands‑on experience in application security, secure software development, or related fields.
Proficiency with security testing tools (SAST, DAST, SCA) and automation in CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI).
Strong understanding of web, mobile, and API security standards (OWASP Top 10, OAuth, JWT, TLS).
Experience building security tooling or libraries that are adopted across multiple engineering teams.
Excellent communication skills and ability to work cross‑functionally with product, DevOps, and security stakeholders.

Skills

cicd

CompanyNordstrom

DepartmentEngineering

LocationSeattle, Washington, United States

Experience5+ years

Tenurefull-time

LevelSenior

Salary258,500

Posted June 25, 2026