-
Senior Manager, Threat Intelligence & Detection…
- Nordstrom (Seattle, WA)
-
Job Description
We are looking for an experienced and visionary Senior Manager of Threat Intelligence and Detection Engineering to lead our proactive defense initiatives. In this role, you will oversee the development and refinement of our threat detection capabilities, leverage intelligence to anticipate and mitigate threats, and guide a team of threat analysts and detection engineers. You will play a critical role in advancing our threat-informed defense strategy and maturing our security operations program.
Responsibilities
+ Develop and execute the strategic roadmap for threat intelligence, detection engineering, and threat hunting programs across multiple business units
+ Build, lead, and mentor a high-performing team of detection engineers, threat analysts, and hunters
+ Serve as the primary subject matter expert and strategic advisor to executive leadership on evolving threat landscapes, defensive priorities, and organizational risk posture
+ Operationalize threat intelligence by integrating internal and external intel into detection engineering workflows
+ Maintain and evolve threat intelligence sources (commercial, open-source, government) to inform risk posture and detection priorities
+ Deliver actionable threat assessments and briefings tailored to technical and executive stakeholders
+ Lead the full detection engineering lifecycle including threat modeling, detection logic development using query languages (KQL, SPL, SQL), testing with attack simulation frameworks, automated deployment via CI/CD, and continuous tuning based on performance metrics
+ Drive development of advanced behavior-based, anomaly detections, and AI/ML-powered detection systems aligned with MITRE ATT&CK and emerging threat actor TTPs
+ Establish strategic partnerships with red team, SOC and incident response management to ensure comprehensive detection coverage and proactive visibility gap closure
+ Lead enterprise-wide collaboration with cloud architects, infrastructure leadership, and application development teams to enhance telemetry strategies and ensure scalable detection across complex hybrid and multi-cloud environments
+ Drive strategic contributions to enterprise incident response frameworks, lead tabletop exercises, and oversee purple team program development to continuously test and improve organizational defenses
+ Champion automation initiatives and establish data-driven decision-making frameworks across all threat detection and response operations
+ Define, implement, and report on enterprise-level key performance indicators (KPIs) for detection effectiveness, operational efficiency, false positive optimization, and mean time to detection (MTTD) across the organization
+ Integrate security detection into CI/CD pipelines and support DevSecOps initiatives
+ Manage budgets, vendor relationships, and technology investments for threat intelligence and detection engineering programs
+ Establish and maintain strategic relationships with industry peers, threat intelligence communities, and security vendors
Required Qualifications
+ Bachelors Degree in Information Technology, Computer Science, Data Science or related experience required.
+ 8+ years in information security with a focus on threat intelligence, detection engineering, or security operations
+ 3-5 years in a leadership or management role with a track record of leading high-performing technical teams
+ Deep expertise in attacker behaviors, threat actor TTPs, campaigns, and threat landscape evolution across multiple industry verticals
+ Extensive experience designing, implementing, and optimizing enterprise-scale detections across multiple SIEMs (e.g., Splunk, Sentinel, Chronicle), EDR/XDR platforms (e.g., CrowdStrike, Defender, SentinelOne), and cloud-native security tools
+ Strong working knowledge of MITRE ATT&CK, threat modeling, and structured threat intelligence formats (e.g., STIX, TAXII)
+ Proficiency in Python, PowerShell, and at least one other programming language for detection engineering and automation
+ Experience with detection-as-code practices and version control (Git)
+ Knowledge of threat hunting methodologies and hypothesis-driven investigations
+ Comprehensive understanding of NIST Cybersecurity Framework, ISO 27001, SOC 2, and other compliance requirements with implementation experience
+ Hands-on experience in cloud environments (AWS, Azure, GCP) and containerized workloads (e.g., Kubernetes, ECS) preferred
+ Experience with threat intelligence platforms (e.g., ThreatConnect, MISP, Anomali) and CTI frameworks (e.g., Diamond Model, Kill Chain) is a plus
+ Advanced knowledge of SOAR platforms (Phantom, Demisto, Swimlane) and enterprise security orchestration
+ Experience with AI/ML-driven detection systems and automated response orchestration is a plus
+ API development and integration for security tooling experience preferred
+ Container security and Kubernetes threat detection knowledge is a plus
+ Experience with deception technology and honeypot deployment preferred
+ Industry certifications (e.g., GCTI, GCIA, GDAT, GCED, GCFA, GSEC, CISSP) preferred; cloud security certifications (AWS Security Specialty, Azure Security Engineer) are a plus
We’ve got you covered…
Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:
+ Medical/Vision, Dental, Retirement and Paid Time Away
+ Life Insurance and Disability
+ Merchandise Discount and EAP Resources
A few more important points...
The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.
Nordstrom conducts background checks and considers qualified applicants with criminal histories in a manner consistent with all legal requirements.
Applicants with disabilities who require assistance or accommodation should contact the nearest Nordstrom location, which can be identified at www.nordstrom.com .
Please be mindful that there may be legal notices and requirements related to this job posting that are specific to your state. Review the Career Site FAQ’s (https://careers.nordstrom.com/#/contact-us/faq) for relevant information and guidelines.
• 2022 Nordstrom, Inc
Current Nordstrom employees: To apply, log into Workday, click the Careers button and then click Find Jobs.
Pay Range Details
The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations. Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.
$191,000.00 - $297,000.00 Annual
This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben\_Overview\_17-19.pdf
About Us
We’re a fast-moving fashion company that started as a shoe store in 1901. This heritage of service is the foundation we’re building on as we provide convenience and true connection for our customers. We empower our people to be innovative, creative and focused on providing the best service to our customers. Through it all, we remain committed to leaving the world better than we found it.
Whether you’re a genius engineer, a phenomenal salesperson or a supply chain pro, we invite you to bring your unique talents and join our team. We reward great work, promote from within and celebrate diversity.
CUSTOMER OBSESSEDWe strive to know our customers better than anyone else. We listen, anticipate, build trust and move with speed to deliver on their needs.
OWNERS AT HEARTWe treat every interaction as an opportunity to make an impact and deliver excellence.
CURIOUS AND EVER CHANGINGWe approach problems with curiosity and create solutions. We unlock potential to be bold, think big and inspire innovation.
HERE TO WINWe’re committed to delivering results, both today and tomorrow. We win as a team by supporting and challenging one another to be better every day.
WE EXTEND OURSELVESWe treat each other with respect and kindness. We do the small things that make a big difference. We create a welcoming environment, helping people feel connected, valued and part of one community.
Come on! Join us!
-
Recent Jobs
-
Senior Manager, Threat Intelligence & Detection Engineering (Hybrid - Seattle)
- Nordstrom (Seattle, WA)
-
Executive Director, Oncology Clinical Development
- Eisai, Inc (Nutley, NJ)
-
Plant Manager
- System One (Goodyear, AZ)
-
Aircraft Ordnance Systems Mechanic
- Headquarters, Air Force Reserve Command (Whiteman AFB, MO)