GRC Security Engineer

Role: GRC Security Engineer ( 6-8 years)

Duration: Fulltime

Location: Hyderabad

We're looking for a "Security Engineer" with a tech-first mindset that can help grow and enhance Nordstrom's Cybersecurity and Privacy Organization. We work to make technology the easiest part of our internal customers' jobs. This position will enable process clarity and efficiency and create new insights empowering Nordstrom for decades to come.

As an Engineer supporting our Governance, Risk, and Compliance (GRC) platform, you will play a crucial role in enhancing and maintaining our GRC infrastructure. Your technical expertise will ensure the efficiency, automation, and seamless operation of our GRC systems.  You will help empower Nordstrom's internal teams to achieve their best work through robust, stable, and innovative solutions.

Does the challenge of connecting systems to understand risk and compliance at an enterprise scale energize you? Does the idea of empowering teams through automation and data centralization sound intriguing? Do you want to build cool stuff and watch the programs you support excel?  If so, join our team and be part of a company that is at the cutting edge of retail technology, dedicated to delivering the products consumers love in a safe and secure environment.

Responsibilities:

Design, deploy, manage, and improve critical security infrastructure services/tools, including those for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management, and more.

Develop and enhance our GRC platform, ensuring it meets evolving security needs.

Maintain robust system connectivity by ensuring comprehensive logging, monitoring/auditing, and management of security events for clear visibility.

Oversee workflow management to streamline and enhance security processes, ensuring efficient and effective handling of security operations and incident response.

Collaborate with both internal and external partners on all platform designs.

Continuously validate technology and processes to ensure alignment with our cyber strategy, risk management, and governance frameworks.

Operate within an Agile or Kanban sprint framework.

Prepare and maintain security documentation, including diagrams, standard build documents, and best practice procedures.

Requirements:

A bachelor's degree in computer science, Engineering, or a related field, or equivalent education and experience.

At least 5-7 years of experience in a security or technical engineering role.

A minimum of 5-7 years of experience supporting engineering platforms.

At least 5-7 years of experience with scripting and automation tools; certifications in Linux, Microsoft, or other network-related fields are preferred.

A minimum of 5-7 years working in agile development methodologies.

Proven ability to manage and track multiple projects and deliverables simultaneously.

Strong knowledge of systems and networking software, hardware, and networking protocols.

A minimum of 5-7 years' experience with scripting and automation tools.

Experience with coding languages such as Python, or Java.

A minimum of 5-7 years' experience coding languages such as Python, or Java.

Experience with Onspring, Archer or other similar GRC platforms.

Preferred Qualifications:

High-level understanding of a broad range of security topics, such as networking, cloud security, secure software, cryptography; CISSP or equivalent is a plus.

Experience with industry/regulatory security compliance frameworks such as SOX, PCI DSS, NIST SP800-53 is a plus.

System administration and IT certifications in Linux, Microsoft, or other network-related fields are a plus.

Experience with AI prompt engineering and a solid understanding of underlying AI models and mechanics

Job Type: Full-time

Pay: ₹543, ₹1,808,741.11 per year

Application Question(s):

• How many years of experience into GRC
• How good are you with Python or Java

Work Location: In person