Job Description

The Incident Response Engineer is part of a key team of information security professionals responsible for conducting various incident response activities, including monitoring, assessing, and responding to security events in a diverse enterprise environment. You will apply your security knowledge and technical expertise to provide analysis that guides incident response investigations to monitor and respond to the information security systems that protect our customers.

Key Responsibilities

• Respond to security incidents promptly to mitigate damage or restore service, analyzing disparate data sources using approved tactics, techniques, tools and procedures with a goal of protecting systems and networks

• Memory and Dead-Disk forensic examinations of Windows systems. (OSX and *nix are a plus!)

• Knowledge of the chain of custody process and properly securing evidence

• Ability to mentor junior analysts/engineers

• Develop scripts, processes, and content to improve detective capabilities

• Handles security incidents in partnership with other support organizations to counteract malicious activity detected on the network.

• Develop and deliver metrics as requested

• Participate in on-call rotation with other team members

• Monitor diverse open sources to identify or verify threats or any security, social, political, economic or cultural factors that may create risk to the company

• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and escalates when appropriate

• Understands the standards, concepts and principles of business analysis to address the practical needs of the business

• This position may be required to perform other related duties as assigned

DISCIPLINE SPECIFIC COMPETENCIES

• Sets expectations regarding process and customer-focused outcomes, navigating changes that arise and escalating issues appropriately

• Considers stakeholders' and business partners interests relative to customer needs

• Uses judgment to involve other senior team members when navigating difficult stakeholder issues

• Adjusts to changing situations and expectations and shows willingness to learn new ways to achieve goals

• Strong attention to detail

• Ability to maintain confidentiality

• Ability to work under short deadlines and in crisis situations

• Regulatory compliance experience in PCI, SOX, and HIPAA desirable

QUALIFICATIONS

• Bachelor’s degree or equivalent experience required.

• 3+ years of IT experience, preferably with security and incident response duties.

• Ability to reverse engineer malcode preferred

• Ability to write scripts/code using Python, Perl, Powershell, or an equivalent language

• Excellent written and verbal communications, including presentation skills, are important to be successful in this role.  Proven ability to effectively communicate with all levels of the organization, as well as with external parties.

• Excellent organizational and time management skills.

• Highly productive and resourceful, carries “Can do” attitude in approaching challenges, and a true self-starter.

• Ability to demonstrate a clear understanding, at an enterprise level, of application, network, infrastructure, and data security architecture.

• Excellent written and verbal communication skills

• Developed ability to prioritize daily tasks and operational demands

• Assertive and proactive in identifying and resolving issues and concerns

• Demonstrated ability to effectively summarize complex information and present in a concise and compelling manner

• GIAC certifications are preferred but not required.

• Wry sense of humor preferred

We’ve got you covered…

Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

• Medical/Vision, Dental, Retirement and Paid Time Away
• Life Insurance and Disability
• Merchandise Discount and EAP Resources

A few more important points...

The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

Nordstrom will consider qualified applicants with criminal histories in a manner consistent with all legal requirements.

Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com. 

Nordstrom Careers Privacy Policy: https://careers.nordstrom.com/#/contact-us/privacy

© 2020 Nordstrom, Inc. 

Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.