Manager, PMT - GRC Compliance (Hybrid - Seattle, WA)

Posted 2 Days Ago
Be an Early Applicant
Seattle, WA
141K-258K Annually
Senior level
eCommerce • Fashion • Mobile • Software
The Role
The Technology Compliance Manager will oversee regulatory compliance efforts at Nordstrom, guiding assessments for PCI, HIPAA, and IT SOX audits, while developing a compliance program and supporting team growth. The role combines technical leadership with team management, aiming to improve compliance processes and maintain effective relationships with regulators and auditors.
Summary Generated by Built In

Job Description

As our Technology Compliance Manager, you will be responsible for building and executing our vision for regulatory compliance at Nordstrom. Working with a team of talented program managers, you will coordinate and run our annual PCI, HIPAA, IT SOX, and other regulatory assessments across the Nordstrom environment as well as support continuous compliance against our information security policies and standards. You will mature our program through the implementation of our common control framework, looking for ways to streamline and improve the efficiency and effectiveness of our compliance processes. You will provide guidance and thought leadership on our technical approach to meeting disparate requirements and will use data to direct the focus of continuous compliance efforts. Along the way, you will support and develop a team of compliance professionals, fostering a collaborative and trusting environment that allows each team member to meet their full potential. The ideal candidate will have deep knowledge of regulatory compliance domains along with a balance of technical leadership and people management skills. 

This role is hybrid. Candidates must be willing to work in office at the Seattle, WA headquarters a minimum of 3 days/week to be considered for this position.

A day in the life...

  • Managing all regulatory security compliance assessments including:

    • Execution of multiple PCI Level 1 Merchant assessment annually, across all brands and channels

    • Execution of annual HIPAA audits

    • Execution of annual IT SOX audits

    • Ownership of relationships with regulators and internal/external auditors

  • Providing guidance and best practices to Nordstrom engineers and leadership on how to effectively meet regulatory requirements

  • Providing input on our security policies and standards to ensure compliance with regulatory requirements

  • Developing and delivering metrics and measurements of compliance posture and assessment status for all channels

  • Supporting our Common Control Framework within compliance activities to improve efficiency of control testing efforts

  • Coordinating with our Internal Audit partners to improve our SOX and SOC audits

  • Setting the roadmap and vision for the Compliance team, collaborating with the broader Governance, Risk, and Compliance group

  • Improving our control posture, year over year, through measurement, prioritization, communication, and collaboration with partner teams

  • Developing and fostering a healthy and collaborative culture for your team that embodies both industry best practices and Nordstrom values

  • Growing and developing an incredible team of talented and motivated program managers and engineers with high expectations around individual ownership and impact

You own this if you have...

  • Broad and deep understanding of the retail business domain, including experience with online, phone order, and physical store sales channels

  • Knowledge of PCI assessment processes and requirements at a Level 1 merchant, including data centers, retail locations, call centers, and cloud computing environments

  • Working experience with security risk management frameworks including related regulatory compliance requirements (NIST CSF & 800-53, ISO27001 and ISO27002, SOX, HIPAA, PCI, CCPA, etc.)

  • Knowledge of how regulatory requirements can be met across a diverse set of technical environments—from legacy mainframe computers to containers in the cloud

  • Excellent written and verbal communications, including presentation skills, are important to be successful in this role. Proven ability to effectively communicate with all levels of the organization, as well as with external parties

  • Ability to foster collaborative, open, working relationships with technology and other stakeholders

  • Demonstrable ability to establish a vision, define a roadmap, and to execute on it

  • Pragmatism. You can prioritize, simplify, and make a path toward results

  • Proactive mindset. You seek the best solution for the company and customer and take action without being directed

  • Capability to truly listen to our customers and partners, internalize their needs and develop simple and elegant solutions that they can’t live without

  • A bias towards action guided by evidence-based decision-making mindset

  • Current PCI ISA certification for a retail corporation preferred

  • 5+ years of experience in retail security compliance preferred

  • Internal Audit experience preferred

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

  • Medical/Vision, Dental, Retirement and Paid Time Away
  • Life Insurance and Disability
  • Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com

© 2022 Nordstrom, Inc  

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.

Pay Range Details

The pay range(s) below are provided in compliance with state specific laws. Pay ranges may be different in other locations.

Washington: $141,000 - $258,000 AnnuallyThis position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf

The Company
60,000 Employees
Remote Workplace
Year Founded: 1901

What We Do

When you join Nordstrom, you join a fast-paced and entrepreneurial environment is paired with the strong history and experience of the Nordstrom retail legacy. We have access to some of the greatest minds in retail and technology and are constantly creating innovative strategies to develop the ultimate apparel solutions.

Gallery

Gallery

Jobs at Similar Companies

bet365 Logo bet365

Human Resources Administrator

Digital Media • Gaming • Software • eSports • Automation
Denver, CO, USA
6100 Employees
57K-64K Annually

Jobba Trade Technologies, Inc. Logo Jobba Trade Technologies, Inc.

Senior Back End Developer

Cloud • Information Technology • Productivity • Professional Services • Software
Remote
Hybrid
Chicago, IL, USA
45 Employees
Louisville, CO, USA
69 Employees
111K-185K Annually

Similar Companies Hiring

TrainingPeaks (A Peaksware Company) Thumbnail
Software • Fitness
Louisville, CO
69 Employees
bet365 Thumbnail
Software • Gaming • eSports • Digital Media • Automation
Denver, Colorado
6100 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account