Sr. Director, Governance, Risk, and Compliance; GRC
Job in Seattle, King County, Washington, 98113, USA
Listed on 2026-06-01
Listing for: Nordstrom Inc.
Full Time position
Job specializations:
- IT/Tech
Cybersecurity, Information Security, Data Security, IT Consultant
Job Description
JOB SUMMARY:
At Nordstrom, trust is foundational to our customers, our employees, and our partners. The Senior Director of Governance, Risk, and Compliance (GRC) plays a critical role in protecting and enabling that trust by ensuring the company can innovate, grow, and serve customers securely and responsibly. This role is central to safeguarding the Nordstrom brand while supporting exceptional, frictionless customer experiences across an omni‑channel business.
The Senior Director of GRC is a highly visible leader responsible for building and maturing a modern, enterprise‑wide GRC function. This leader ensures governance, risk, and compliance are not barriers to progress, but strategic enablers of secure growth, digital transformation, and operational excellence.
Partnering closely with the CISO and senior leaders across Technology, Legal, Finance, HR, and the business, this role translates complex cybersecurity, regulatory, and enterprise risks into clear, actionable insights that inform executive decision‑making. Success requires strong executive presence, deep GRC expertise, and a service‑oriented mindset, balancing rigor with pragmatism in a customer‑facing environment where brand reputation and trust matter every day.
The role is based in Seattle, reporting directly to the Chief Information Security Officer.
A Day in the Life…
* Partner closely with the Chief Information Security Officer (CISO) to shape and execute a modern, enterprise‑wide GRC strategy aligned to business priorities and risk appetite
* Lead governance, risk, and compliance programs that enable secure growth while maintaining regulatory rigor across a complex, customer‑facing organization
* Translate cybersecurity, regulatory, and enterprise risk into clear, actionable insights for executive leadership and senior stakeholders
* Review and guide enterprise risk assessments across cyber, IT, third‑party, and operational domains, ensuring risks are understood, prioritized, and actively managed
* Oversee internal and external audit activities, ensuring strong coordination, timely remediation, and continuous readiness rather than point‑in‑time compliance
* Drive executive‑ and Board‑level risk reporting through dashboards, metrics, and storytelling that inform decision‑making
* Partner daily with Legal, Technology, Finance, HR, and business leaders to embed risk management into strategy, transformation initiatives, and vendor relationships
* Lead and develop a high‑performing GRC organization, setting clear priorities, accountability, and operating rhythms
* Evaluate and optimize GRC tools and platforms, advancing automation and scalable risk and compliance management
* Stay ahead of emerging regulatory requirements, industry trends, and best practices, advising the CISO on implications and recommended actions
You Own This if You Have…
* 10+ years of progressive experience in governance, risk, compliance, information security, or enterprise risk management, including 5+ years in senior leadership roles
* Proven success building, scaling, or transforming enterprise GRC programs in complex, regulated environments
* Strong executive presence with the ability to influence senior leaders and translate risk into business‑relevant outcomes
* Deep expertise across cybersecurity risk, IT risk, enterprise risk, third‑party risk, and regulatory compliance frameworks
* Demonstrated experience partnering closely with a CISO and security leadership to align risk, compliance, and security strategy
* A track record of advancing compliance from point‑in‑time audits to continuous readiness and control optimization
* Experience developing executive‑level dashboards, metrics, and reporting for senior leadership, audit committees, or Boards
* Strong cross‑functional leadership skills, with the ability to align Legal, Technology, Finance, HR, and business teams around shared risk ownership
* Familiarity with leading GRC platforms and automation tools (e.g., ServiceNow GRC, Archer, OneTrust)
* Excellent written and verbal communication skills, with the judgment to operate effectively in high‑impact, ambiguous situations
We've got you covered…
Our employees…