Senior Privacy & Cybersecurity Governance Analyst

Nordstrom

. Join Nordstrom's Technology team as a Senior Privacy & Cybersecurity Governance Analyst, where you'll play a pivotal role in leading strategic privacy and security governance initiatives across the enterprise.

Posted 4/23/2026full-timeSeattle • Washington • 🇺🇸 United StatesSenior💰 $142,000 - $220,500 per yearWebsite

Tech Stack

Tools & technologies

Cyber Security

About the role

Key responsibilities & impact

Join Nordstrom's Technology team as a Senior Privacy & Cybersecurity Governance Analyst, where you'll play a pivotal role in leading strategic privacy and security governance initiatives across the enterprise.
Serve as primary contact and subject matter expert for domain-specific data privacy activities.
Identify emerging privacy threats and trends and advise on strategic initiatives to enhance data protection across the organization.
Evaluate and enhance privacy related risk assessment processes.
Implement process improvements within their specialized privacy domain, developing standardized approaches and best practices.
Educate stakeholders on data privacy requirements through training sessions, workshops, and consultation.
Analyze legal and regulatory developments in privacy and assess their business impact.
Coordinate operational activities across multiple stakeholders to ensure comprehensive privacy and security input.
Identify and develop advanced risk management frameworks for holistic risk assessment and treatment.

Requirements

What you’ll need

5-7 years of experience in privacy, information security, legal, or compliance roles
Demonstrated leadership in privacy or security program/project delivery with proven ability to drive initiatives to completion
Practical experience operationalizing privacy regulations and security frameworks in business environments
Experience coordinating across multiple stakeholders to achieve comprehensive privacy and security outcomes
Hands-on experience building or maturing a third-party risk management (TPRM) function, including vendor assessment, risk tiering, and ongoing monitoring
Bachelor's or Master's degree in Information Technology, Computer Science, Engineering, Information Security, or related field, or equivalent work experience
IAPP certifications preferred (CIPP/US, CIPM, CIPT, or similar)
Advanced security certification required (CISSP, CISM, CISA, or equivalent)
Deep understanding of privacy regulations including U.S. privacy laws (CCPA/CPRA and emerging state privacy laws) and their practical application
In-depth knowledge of cybersecurity frameworks (NIST CSF, ISO 27001, CIS Controls, SOC 2, PCI DSS) and regulatory environments
Strong understanding of security controls, risk assessment methodologies, and compliance frameworks
Expertise in control design, implementation, and effectiveness assessment across multiple security domains
Demonstrated experience with project management tools (e.g., Jira, Confluence, Smartsheet, or similar) to manage initiative tracking, documentation, and cross-functional collaboration

Benefits

Comp & perks

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

privacy governancecybersecurity governancerisk assessmentthird-party risk managementvendor assessmentrisk tieringsecurity controlscontrol designcompliance frameworksproject management

Soft Skills

leadershipstakeholder coordinationcommunicationtrainingconsultationstrategic initiative deliveryprocess improvementanalytical skillsproblem-solvingcollaboration

Certifications

CIPP/USCIPMCIPTCISSPCISMCISA