Nordstrom · 14 hours ago
Senior GRC Compliance Analyst (Hybrid, Seattle)
Nordstrom is a leading retail company seeking a Senior GRC Compliance Analyst to join their Governance, Risk, and Compliance team. The role involves developing compliance assessment methodologies and operational standards, managing relationships with regulators, and leading compliance initiatives across various regulatory domains.
Retail · E-Commerce · Fashion
Responsibilities
Mature and formalize the PCI DSS compliance program from foundational elements, establishing policies, procedures, RACI, and operational workflows that meet QSA and acquiring bank expectations
Design comprehensive compliance assessment methodologies for enterprise regulatory requirements, creating frameworks that integrate multiple regulatory domains and align with business objectives
Develop operational standards and quality criteria for compliance processes, ensuring consistency and effectiveness across the organization while meeting diverse regulatory requirements
Implement integrated controls across multiple regulatory and business domains, ensuring comprehensive compliance coverage and efficient resource utilization
Define, design and implement KPIs and KRIs for the compliance space
Manage third-party compliance assessments including external regulatory examinations, compliance consulting engagements, and specialized regulatory advisory projects
Serve as primary liaison with internal and external compliance auditors and stakeholders, representing the organization's compliance posture and remediation efforts
Make significant commitments for third-party compliance assessments, regulatory consulting, and compliance platforms within established enterprise frameworks
Align operational activities with strategic objectives by participating in medium-term planning (6-18 months) and ensuring compliance initiatives support business goals and regulatory expectations
Lead senior stakeholder workshops on complex regulatory topics, facilitating decision-making and consensus-building around compliance strategies and regulatory risk tolerance
Coordinate cross-functional regulatory initiatives across Legal, IT, Finance, and Business teams to ensure comprehensive regulatory coverage and strategic execution
Contribute to the strategic vision and roadmap for the Compliance Assessment Team, developing reusable, scalable solutions to enhance program efficiency and support organizational growth
Educate senior stakeholders on regulatory compliance requirements and changes through workshops, strategic sessions, and consultation to improve organizational compliance awareness and readiness
Facilitate decision-making processes around complex regulatory scenarios, helping leadership understand regulatory risk tolerance and compliance strategy options
Provide expert guidance on regulatory interpretation and application across diverse business contexts and technical environments
Qualifications
Required
6-8 years of regulatory compliance experience with demonstrated leadership of cross-functional regulatory initiatives, including at least 2 years leading or building PCI programs
Proven track record of designing and implementing enterprise-level compliance methodologies across multiple regulatory domains
Demonstrated experience with technical scoping and de-scoping in hybrid on-premises and cloud PCI environments
Direct experience building and managing Common Control Framework (CCF) programs
Experience leading cross-functional technical teams through complex compliance initiatives
Demonstrated ability to align compliance operations with strategic business objectives through medium-term planning
Bachelor's or Master's degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent work experience
Expertise in multiple regulatory domains and frameworks (CIS, NIST, SOX, HIPAA, CCPA, etc.) and deep understanding of PCI DSS v.4
Direct experience testing technical controls
Deep understanding of enterprise compliance architecture and integrated control frameworks
Knowledge of operational workflow design and process optimization for regulatory compliance
Experience developing operational standards and quality criteria for compliance processes
Advanced methodology development and enterprise framework design capabilities
Excellence in stakeholder management and external regulatory relationship management
Strong ability to facilitate senior leadership workshops and drive consensus on complex regulatory topics
Ability to make significant commitments and design workflows within enterprise governance structures
Excellent written and verbal communications, including presentation skills, and proven ability to effectively communicate with all levels of the organization, as well as with external parties and regulators
Strong bias for results and the ability to operate with autonomy: address bottlenecks, provide escalation management, anticipate and make trade-offs, and encourage behavior that maximizes business benefit
Preferred
Multiple advanced professional certifications preferred (CISA, CRISC, CIPP, CIPM)
Specialized certifications valued (Advanced PCI certifications, regulatory-specific credentials, or equivalent compliance management certifications)
Experience with GRC platform implementation and management
Background in regulatory consulting or audit firms
Experience leading enterprise-wide compliance transformation initiatives
Proficiency in compliance automation and security tooling
Benefits
Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources
401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more.
Company
Nordstrom
Nordstrom is an online fashion retailer that specializes in fashion, footwear, accessories, and beauty.
Funding
Current Stage: Public Company
Total Funding: $969.45M
Key Investors: Ryan Cohen, El Puerto de Liverpool
2024-12-23 · Acquired
2023-02-03 · Post-IPO Equity
2022-09-16 · Post-IPO Equity · $294.45M
Company data provided by crunchbase