Senior Program Manager Tech
As a senior program manager within Nordstrom's Governance, Risk, and Compliance (GRC) team, you will be a key member of our Compliance Assessment (CA) team. We build scalable compliance programs to enhance Nordstrom's security posture, reduce risk, and ensure audit success across complex regulatory frameworks. In this role, you will lead compliance assessments working directly with external assessors, partnering with internal stakeholders in both business and technical roles to create specifications and resolve issues with an eye toward continuous improvement. You will work across department and functional lines on a variety of programs that range in scope, risk, and complexity.
Are you a skilled program manager who enjoys managing security assessments? Do you have a passion for protecting companies from the latest security threats? Do you think about ways to foster continuous improvement in security controls using AI and automation? Join our team and be part of a company that is on the cutting edge of retail technology geared at getting consumers the products they love in a safe and secure environment.
A day in the life...
- Provide guidance and best practices to Nordstrom engineers and leadership on how to effectively meet regulatory requirements
- Serve as a PCI subject matter expert and manage the annual merchant assessment
- Support various regulatory and security assessments, apply both qualitative and quantitative assessment techniques, and develop test approaches for compliance validation
- Manage the full lifecycle of applicable risk / compliance remediation plans, including the development of detailed treatment plans, their documentation, rigorous tracking, and validation of efforts from internal stakeholders
- Drive the standardization and enhancement of assessment programs and improve the Common Control Framework to increase control testing efficiency
- Provide input and guidance on our security policies and standards to ensure compliance with regulatory requirements
- Identify and implement process improvements to enhance operational efficiency
- Contribute to the strategic vision and roadmap for the Compliance Assessment Team, supporting the development of reusable, scalable solutions to enhance program efficiency and support organizational growth
- Define KPIs and KRIs and continuously measure and report on the effectiveness of our control posture, driving year-over-year improvement and sustained audit success
- Mentor and support the growth of other program managers within the team, fostering a culture that values individual ownership and impact
You own this if you have...
- Bachelor's or Master's degree in a relevant field of study, or equivalent work experience
- 5+ years of demonstrated successful program management and delivery experience
- 5+ years of experience managing technically complex PCI assessments end to end with external assessors and a deep knowledge of PCI assessment processes and requirements at a Level 1 merchant, including data centers, retail locations, call centers, and cloud computing environments
- Demonstrated proficiency with security and regulatory frameworks (CIS, NIST, SOX, HIPAA, PCI DSS, CCPA, etc.)
- Broad and deep understanding of the retail business domain, including experience with online, phone order, and physical store sales channels
- Knowledge of how regulatory requirements can be met across a diverse set of technical environments, from legacy mainframe computers to containers in the cloud
- Experience building or maintaining a Common Control Framework
- Strong bias for results and can operate with autonomy to address bottlenecks, provide escalation management, anticipate and make trade-offs, and encourage behavior to maximize business benefit
- Highly collaborative skillsets and can build and leverage relationships with internal and external stakeholders
- Excellent written and verbal communications, including presentation skills, and proven ability to effectively communicate with all levels of the organization, as well as with external parties
Preferred Qualifications:
- Experience with assessment automation
- Technical background and demonstrated proficiency in security tooling
- Experience with Onspring or Archer GRC platforms
- CPA, CIA, CISA, CISM, CISSP, or similar certifications preferred
We've got you covered
Our employees are our most important asset and that's reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including: Medical / Vision, Dental, Retirement and Paid Time Away, Life Insurance and Disability, Merchandise Discount and EAP Resources.
The job posting highlights the most critical responsibilities and requirements of the job. It's not all-inclusive. There may be additional duties, responsibilities and qualifications for this job. Nordstrom conducts background checks and considers qualified applicants with criminal histories in a manner consistent with all legal requirements. Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com. Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQs for relevant information and guidelines.
About Us: We're a fast-moving fashion company that started as a shoe store in 1901. This heritage of service is the foundation we're building on as we provide convenience and true connection for our customers. We empower our people to be innovative, creative and focused on providing the best service to our customers. Through it all, we remain committed to leaving the world better than we found it. Whether you're a genius engineer, a phenomenal salesperson or a supply chain pro, we invite you to bring your unique talents and join our team. We reward great work, promote from within and celebrate diversity.