Senior Risk Management Analyst (Hybrid - Seattle) jobs in United States

Nordstrom · 15 hours ago

Senior Risk Management Analyst (Hybrid - Seattle)

Nordstrom is a leading retail technology company, seeking a Senior Risk Management Analyst to shape their enterprise cybersecurity risk strategy. The role involves designing comprehensive risk assessment methodologies, managing cybersecurity risk initiatives, and aligning operational activities with strategic business objectives.

E-Commerce, Fashion, Retail
H1B Sponsor Likely

Responsibilities

Design comprehensive assessment methodologies for enterprise cybersecurity risks, creating frameworks that integrate multiple risk domains and align with business objectives
Develop operational standards and quality criteria for risk management processes, ensuring consistency and effectiveness across the organization
Design operational workflows that optimize risk management processes while maintaining audit trail integrity and regulatory compliance
Implement integrated controls across multiple technology and business domains, ensuring comprehensive risk coverage and efficient resource utilization
Manage third-party risk assessments including external audit engagements, vendor security evaluations, and specialized consulting projects
Serve as primary liaison with external auditors and risk stakeholders, representing the organization's cybersecurity risk posture and remediation efforts
Make significant commitments for audit engagements, third-party risk assessments, and GRC platforms within established enterprise frameworks
Align operational activities with strategic objectives by participating in medium-term planning (6-18 months) and ensuring risk initiatives support business goals and regulatory expectations
Lead senior stakeholder workshops on complex risk topics, facilitating decision-making and consensus-building around risk tolerance and treatment strategies
Coordinate cross-functional risk initiatives across Security, IT, Legal, and Business teams to ensure comprehensive risk coverage and strategic execution
Contribute to the strategic vision and roadmap for Enterprise Risk Management, developing reusable, scalable solutions to enhance program efficiency and support organizational growth
Educate senior stakeholders on cybersecurity risk requirements and emerging threats through workshops, strategic sessions, and consultation to improve organizational risk awareness and readiness
Facilitate decision-making processes around complex risk scenarios, helping leadership understand risk tolerance options and treatment strategies
Provide expert guidance on risk assessment and treatment across diverse business contexts and technical environments

Qualification

Cybersecurity risk management, Risk assessment methodologies, External audit management, Enterprise risk architecture, Operational workflow design, GRC platform implementation, Advanced certifications, Stakeholder management, Leadership workshops, Communication skills

Required

6-8 years of cybersecurity risk management experience with demonstrated leadership of cross-functional initiatives
Proven track record of designing and implementing enterprise-level risk methodologies across multiple domains
Experience managing external audit engagements and serving as primary liaison with auditors and risk stakeholders
Demonstrated ability to align risk operations with strategic business objectives through medium-term planning
Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, Risk Management, or related field, or equivalent work experience
Expertise in multiple cybersecurity risk domains and frameworks (NIST CSF, ISO 27001, NIST RMF, CIS Controls, SOC 2, PCI DSS)
Deep understanding of enterprise risk architecture and integrated control frameworks
Knowledge of operational workflow design and process optimization for risk management
Experience developing operational standards and quality criteria for risk management processes
Advanced methodology development and enterprise framework design capabilities
Excellence in stakeholder management and external audit relationship management
Strong ability to facilitate senior leadership workshops and drive consensus on complex risk topics
Ability to make significant commitments and design workflows within enterprise governance structures
Excellent written and verbal communications, including presentation skills, and proven ability to effectively communicate with all levels of the organization, as well as with external parties and auditors
Strong bias for results and the ability to operate with autonomy to address bottlenecks, provide escalation management, anticipate and make trade-offs, and encourage behavior that maximizes business benefit

Preferred

Master's degree in Cybersecurity, Risk Management, or Business Administration valued
Multiple advanced professional certifications preferred (CISSP, CRISC, CISA, CISM)
Specialized certifications valued (CISSP-ISSAP, CISSP-ISSEP, SABSA, TOGAF, or equivalent architecture/management certifications)
Experience with GRC platform implementation and management
Background in consulting or audit firms focused on cybersecurity risk
Experience leading enterprise-wide risk transformation initiatives
Technical background with demonstrated proficiency in security tooling and automation

Benefits

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources
401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more.

Company

Nordstrom

Nordstrom is an online fashion retailer that specializes in fashion, footwear, accessories, and beauty.

H1B Sponsorship

Nordstrom has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (188)
2024 (231)
2023 (190)
2022 (311)
2021 (280)
2020 (208)

Funding

Current Stage
Public Company
Total Funding
$969.45M
Key Investors
Ryan Cohen, El Puerto de Liverpool
2024-12-23: Acquired
2023-02-03: Post-IPO Equity
2022-09-16: Post-IPO Equity · $294.45M

Leadership Team

Erik Nordstrom
Chief Executive Officer
Alexis DePree
Chief Operating Officer
Company data provided by Crunchbase