Manager, PMT - GRC Compliance (Hybrid - Seattle, WA) - Nordstrom
Seattle, WA 98194
About the Job
Job Description
As our Technology Compliance Manager, you will be responsible for building and executing our vision for regulatory compliance at Nordstrom. Working with a team of talented program managers, you will coordinate and run our annual PCI, HIPAA, IT SOX, and other regulatory assessments across the Nordstrom environment as well as support continuous compliance against our information security policies and standards. You will mature our program through the implementation of our common control framework, looking for ways to streamline and improve the efficiency and effectiveness of our compliance processes. You will provide guidance and thought leadership on our technical approach to meeting disparate requirements and will use data to direct the focus of continuous compliance efforts. Along the way, you will support and develop a team of compliance professionals, fostering a collaborative and trusting environment that allows each team member to meet their full potential. The ideal candidate will have deep knowledge of regulatory compliance domains along with a balance of technical leadership and people management skills.
This role is hybrid. Candidates must be willing to work in office at the Seattle, WA headquarters a minimum of 3 days/week to be considered for this position.
A day in the life...
+ Managing all regulatory security compliance assessments including:
  + Execution of multiple PCI Level 1 Merchant assessments annually, across all brands and channels
  + Execution of annual HIPAA audits
  + Execution of annual IT SOX audits
+ Ownership of relationships with regulators and internal/external auditors
+ Providing guidance and best practices to Nordstrom engineers and leadership on how to effectively meet regulatory requirements
+ Providing input on our security policies and standards to ensure compliance with regulatory requirements
+ Developing and delivering metrics and measurements of compliance posture and assessment status for all channels
+ Supporting our Common Control Framework within compliance activities to improve efficiency of control testing efforts
+ Coordinating with our Internal Audit partners to improve our SOX and SOC audits
+ Setting the roadmap and vision for the Compliance team, collaborating with the broader Governance, Risk, and Compliance group
+ Improving our control posture, year over year, through measurement, prioritization, communication, and collaboration with partner teams
+ Developing and fostering a healthy and collaborative culture for your team that embodies both industry best practices and Nordstrom values
+ Growing and developing an incredible team of talented and motivated program managers and engineers with high expectations around individual ownership and impact
You own this if you have...
+ Broad and deep understanding of the retail business domain, including experience with online, phone order, and physical store sales channels
+ Knowledge of PCI assessment processes and requirements at a Level 1 merchant, including data centers, retail locations, call centers, and cloud computing environments
+ Working experience with security risk management frameworks including related regulatory compliance requirements (NIST CSF & 800-53, ISO27001 and ISO27002, SOX, HIPAA, PCI, CCPA, etc.)
+ Knowledge of how regulatory requirements can be met across a diverse set of technical environments, from legacy mainframe computers to containers in the cloud
+ Excellent written and verbal communications, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties
+ Ability to foster collaborative, open, working relationships with technology and other stakeholders
+ Demonstrable ability to establish a vision, define a roadmap, and to execute on it
+ Pragmatism. You can prioritize, simplify, and make a path toward results
+ Proactive mindset. You seek the best solution for the company and customer and take action without being directed
+ Capability to truly listen to our customers and partners, internalize their needs and develop simple and elegant solutions that they can't live without
+ A bias towards action guided by an evidence-based decision-making mindset
+ Current PCI ISA certification for a retail corporation preferred
+ 5+ years of experience in retail security compliance preferred
+ Internal Audit experience preferred
We've got you covered...
Our employees are our most important asset and that's reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:
+ Medical/Vision, Dental, Retirement and Paid Time Away
+ Life Insurance and Disability
+ Merchandise Discount and EAP Resources
A few more important points...
The job posting highlights the most critical responsibilities and requirements of the job. It's not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.
Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.
Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com.
© 2022 Nordstrom, Inc
Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.
Pay Range Details
The pay range(s) below are provided in compliance with state specific laws. Pay ranges may be different in other locations.
Washington: $141,000 - $258,000 Annually
This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf
About Us
We're a fast-moving fashion company that started as a shoe store in 1901. This heritage of service is the foundation we're building on as we provide convenience and true connection for our customers. We empower our people to be innovative, creative and focused on providing the best service to our customers. Through it all, we remain committed to leaving the world better than we found it.
Whether you're a genius engineer, a phenomenal salesperson or a supply chain pro, we invite you to bring your unique talents and join our team. We reward great work, promote from within and celebrate diversity.
CUSTOMER OBSESSED
We strive to know our customers better than anyone else. We listen, anticipate, build trust and move with speed to deliver on their needs.
OWNERS AT HEART
We treat every interaction as an opportunity to make an impact and deliver excellence.
CURIOUS AND EVER CHANGING
We approach problems with curiosity and create solutions. We unlock potential to be bold, think big and inspire innovation.
HERE TO WIN
We're committed to delivering results, both today and tomorrow. We win as a team by supporting and challenging one another to be better every day.
WE EXTEND OURSELVES
We treat each other with respect and kindness. We do the small things that make a big difference. We create a welcoming environment, helping people feel connected, valued and part of one community.
Come on! Join us!
Source: Nordstrom