Senior Manager, Application Security (Hybrid - Seattle) - Nordstrom - Seattle, WA
Nordstrom
We are seeking an experienced and strategic Senior Manager of Application Security to lead our application security team. This role is responsible for building and maturing our application security program, embedding security throughout the software development lifecycle (SDLC), and ensuring that Nordstrom’s applications and APIs are protected against evolving threats. The ideal candidate will drive technical strategy for application security tooling, scale secure-by-design practices, and lead initiatives to integrate security seamlessly into engineering workflows while building a high-performing AppSec team. You will partner closely with product engineering, platform, and DevOps teams to deliver security at the speed of development. The right leader will bring an AI-first mindset and a proven ability to enable their team to embrace and leverage AI in their day-to-day work.
Key Responsibilities:
Strategic Leadership & AppSec Program Vision
Develop and execute a strategic roadmap for application security across the SDLC, including secure code review, SAST/DAST/SCA tooling, API security, secrets management, and developer security enablement.
Champion an AI-first approach to application security, identifying opportunities to leverage AI for vulnerability detection, code analysis, threat modeling automation, and developer guidance.
Drive a shift-left security strategy, embedding security practices early in the development lifecycle and reducing time-to-remediation for application vulnerabilities.
Create multi-quarter implementation plans for maturing the AppSec program, including bug bounty expansion, penetration testing cadence, and security champions growth, aligned with enterprise security and engineering objectives.
Identify and prioritize application security investments based on threat intelligence, vulnerability trends, business risk, and the evolving attack surface of Nordstrom’s web, mobile, and API ecosystem.
Establish meaningful AppSec metrics that demonstrat