Nordstrom

Senior Compliance Analyst – Continuous Compliance Framework (Hybrid - Seattle)

Nordstrom$142K — $220K *
Finance & Insurance
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 4–6 years of regulatory compliance experience with ownership of cross-functional initiatives
  • Hands-on experience with Continuous Compliance Framework (CCF) programs
  • Proficiency in configuring compliance programs within GRC tools
  • Demonstrated capability in developing KPIs and KRIs for compliance programs
  • Familiarity with PCI DSS for assessments and control testing
  • Experience in collaborating with engineering teams for automated control testing
  • Bachelor's or Master's in IT, Computer Science, Cybersecurity, or related field.

Responsibilities

  • Lead transformation and maturation of the Continuous Compliance Framework (CCF)
  • Configure and manage CCF module within the GRC tool
  • Collaborate with stakeholders to define control parameters and testing guidance
  • Document RACI models establishing ownership for controls
  • Design and implement KPIs and KRIs for compliance health reporting
  • Integrate CCF with risk management and governance programs
  • Engage with stakeholders to gather input on control requirements.

Benefits

  • Medical/Vision, Dental, and Retirement support
  • Life Insurance and Disability coverage
  • Merchandise Discount and Employee Assistance Program (EAP) resources
  • Paid Time Off (PTO) including holidays
  • Opportunity for performance-based incentives/bonuses
Full Job Description
Job Description

If you’re a compliance pro who thrives on building scalable, tech-enabled frameworks and wants to be at the forefront of AI-assisted testing and automation, we want to meet you. We are evolving our compliance program to move at the speed of our business, and we need a strategic lead to take the wheel.

Forget the traditional "box-checking" mentality. This role is for a compliance professional who thrives on building scalable, tech-enabled frameworks and wants to be at the forefront of AI-assisted testing and automation. Join the Governance, Risk, and Compliance (GRC) team as a Senior Analyst on the Compliance Assessment team. In this role, you will lead the transformation and maturation of our existing Continuous Compliance Framework (CCF)—tailoring controls to our organization, acting as the functional lead for the CCF module in our GRC tool, and collaborating across the business to define the parameters that keep us secure.

A critical aspect of this role is cross-functional collaboration with the Governance and Risk teams to ensure the CCF, risk management, and governance programs are integrated and mutually reinforcing. You will also support our audits and assessments such as PCI, contributing to the team’s broader compliance posture.

A Day in the Life…
Continuous Compliance Framework (CCF) Transformation
  • Lead the transformation and ongoing maturation of the CCF, including updating and tailoring controls to reflect the current organizational environment, risk profile, and regulatory landscape.
  • Configure and manage the CCF program module within Nordstrom’s GRC tool, ensuring accurate representation of controls, testing schedules, evidence requirements, and ownership assignments.
  • Collaborate with stakeholders across business and technology teams to define control language, testing frequency, and implementation guidance that is practical and aligned with operational realities.
  • Document RACI models for all controls within the CCF, establishing clear ownership and accountability across teams.
  • Design and implement KPIs and KRIs for the CCF and broader compliance program, enabling data-driven reporting on compliance health and risk exposure

GRC Program Integration
  • Work closely with the Governance and Risk teams to ensure the CCF, risk management program, and governance program are integrated, with aligned control sets, shared evidence, and coordinated reporting.
  • Identify opportunities to harmonize compliance controls with risk appetite and governance structures, reducing duplication and improving program efficiency.
  • Participate in cross-GRC planning sessions to align timelines, control mappings, and stakeholder engagement strategies across all three programs.
  • Support the development and communication of a unified GRC narrative for leadership, translating program health across risk, governance, and compliance into cohesive insights.

Compliance Assessment & Methodology
  • Partner with Security Engineers to design AI-driven testing and automated evidence collection features within the GRC tool; the Senior Analyst provides functional requirements while Engineers lead technical builds.
  • Serve as a subject matter partner to the PCI program owner to ensure CCF controls satisfy PCI DSS requirements and support the annual PCI assessment process.
  • Design and implement enterprise compliance assessment methodologies that integrate multiple regulatory domains (e.g., NIST, CIS, SOX, HIPAA, CCPA).
  • Develop operational standards and quality criteria for compliance processes, ensuring consistency and effectiveness across the organization.
  • Serve as a subject matter resource for control testing approaches, evidence collection, and documentation quality

Stakeholder Engagement
  • Engage cross-functional stakeholders to gather input on control design, testing feasibility, and ownership, building lasting partnerships that embed compliance into the technology ecosystem.
  • Lead workshops and working sessions with stakeholders to define control requirements, discuss testing approaches, and align on program direction.
  • Serve as a liaison with internal and external auditors as needed, representing the organization’s compliance posture and program maturity.
Strategic Alignment & Program Leadership
  • Align CCF activities with strategic business and security objectives by participating in medium-term planning (6–18 months) and ensuring compliance initiatives support organizational goals.
  • Contribute to the strategic vision and roadmap for the Compliance Assessment team, developing reusable, scalable solutions that enhance program efficiency and support organizational growth.
  • Coordinate cross-functional compliance initiatives to ensure comprehensive regulatory coverage and consistent execution.

You Own This If You Have…
Required Qualifications

Experience:

  • 4–6 years of regulatory compliance experience with demonstrated ownership of cross-functional compliance initiatives.
  • Direct experience building and managing Continuous Compliance Framework (CCF) or Common Control Framework programs.
  • Hands-on experience configuring compliance programs within GRC tools and platforms.
  • Experience working with stakeholders to define control language, RACI, and testing cadence.
  • Demonstrated experience developing KPIs and KRIs for compliance programs.
  • Familiarity with PCI DSS sufficient to support assessments and control testing activities.
  • Experience partnering with engineering or security teams to implement automated or AI-assisted control testing.
  • Proven ability to align compliance operations with strategic business objectives.

Education:

  • Bachelor’s or Master’s degree in Information Technology, Computer Science, Cybersecurity, or related field, or equivalent work experience.

Technical Knowledge:

  • Deep knowledge about multiple regulatory frameworks (CIS, NIST, SOX, HIPAA, CCPA, PCI DSS v4.x) and their control implications.
  • Experience testing technical controls and documenting evidence to support audits.
  • Understanding of enterprise compliance architecture and integrated control frameworks.
  • Familiarity with GRC tool configuration and workflow design.
  • Knowledge of AI/automation tools applicable to compliance testing and evidence collection.

Skills:

  • Strong control framework design and documentation capabilities.
  • Excellent stakeholder engagement and facilitation skills; able to drive consensus across technical and non-technical audiences.
  • Ability to develop and communicate KPIs/KRIs and compliance metrics to leadership.
  • Strong written and verbal communication skills, including experience presenting to senior leadership.
  • Self-directed and results-oriented; able to operate with autonomy, manage competing priorities, and drive programs to completion.
  • Collaborative mindset with the ability to work effectively across the GRC triad (risk, governance, compliance).

Preferred Qualifications

Certifications:

  • Professional certifications preferred: CISA, CRISC, CIPP, CIPM, or equivalent.
  • PCI ISA, QSA, or other PCI-related certifications a plus.

Additional Experience:

  • Experience with GRC platform implementation and administration.
  • Background in regulatory consulting or internal/external audit.
  • Experience leading enterprise-wide compliance transformation initiatives.
  • Proficiency in compliance automation, scripting, or security tooling.
  • Familiarity with AI/ML-assisted compliance or security monitoring tools.

Pay Range Details


The pay range(s) below has been provided in compliance with state specific laws. Pay ranges may be different for other locations. 
Pay offers are dependent on the location, as well as job-related knowledge, skills, and experience.

$142,000.00 - $220,500.00 Annual

 

We’ve got you covered…


Our employees are our most important asset and that’s reflected in our benefits. Nordstrom is proud to offer a variety of benefits to support employees and their families, including:

  • Medical/Vision, Dental, Retirement and Paid Time Away
  • Life Insurance and Disability
  • Merchandise Discount and EAP Resources

   

This position may be eligible for performance-based incentives/bonuses. Benefits include 401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more. Eligibility requirements may apply based on location, job level, classification, and length of employment. Learn more in the Nordstrom Benefits Overview by copying and pasting the following URL into your browser: https://careers.nordstrom.com/pdfs/Ben_Overview_17-19.pdf

 

A few more important points...


The job posting highlights the most critical responsibilities and requirements of the job. It’s not all-inclusive. There may be additional duties, responsibilities and qualifications for this job.

About Nordstrom

Acquired by Nordstrom in March 2011, HauteLook is a place where you'll discover thousands of the top fashion and lifestyle brands at amazing savings. Each day at 8 AM Pacific, shop new sale events featuring the best names in women's and men's fashion, beauty, and home décor at up to 75% off. Membership is free and everyone is welcome. HauteLook launched in 2007 and is headquartered in Los Angeles. See what the buzz is all about! Register now to become a HauteLook member. www.hautelook.com

Nordstrom Careers

Join the vibrant team at Nordstrom, a leader in the retail industry, where your career growth and development are prioritized. At Nordstrom, we offer a wide array of job opportunities that allow professionals to thrive in an innovative and supportive environment. Work You’ll Do At Nordstrom, we are committed to driving success not only for our company but for each individual who joins our team. Whether you are looking for a position in sales, management, or corporate roles, Nordstrom provides a platform for professional growth through hands-on experience and high-quality leadership training. Our commitment to diversity and inclusion ensures a workplace where everyone can truly belong and excel. Nordstrom’s market-leading team is at the forefront of retail innovation and customer service excellence. By joining us, you will collaborate with skilled professionals dedicated to reshaping the future of retail through cutting-edge technology and exceptional service strategies. Internship Programs Kickstart your career with a Nordstrom internship. Our programs offer invaluable industry insights and hands-on experience, making them a perfect starting point for students and recent graduates eager to make their mark in the retail sector. Interns at Nordstrom gain practical skills and are often considered for full-time positions, reflecting our commitment to nurturing talent from within. Employee Benefits and Culture Nordstrom’s reputation is built not only on our commitment to customers but also on our dedication to our team members. We offer a comprehensive benefits package that supports the health, well-being, and financial security of our employees and their families. Benefits at Nordstrom include health insurance, employee discounts, and access to wellness programs. Our culture at Nordstrom is one of collaboration, innovation, and respect. We believe in the power of working together as a team, where each member’s contribution is valued. Networking within the company is encouraged, fostering a community of support and continuous learning. Career Advancement Opportunities Nordstrom believes in the growth of our employees. With a variety of training and development programs, employees are equipped with the knowledge and skills needed to advance their careers within the company. Leadership development and succession planning are integral parts of our commitment to employee advancement. Join Our Team Explore the exciting career and employment opportunities available at Nordstrom today. We are actively hiring and looking for ambitious, creative, and driven individuals to join our team. Search open positions that match your skills and interests on our Jobs page. Stay Connected Keep up to date with the latest career tips, insider perspectives, and industry-leading insights—all from the people who work at Nordstrom. Subscribe to our Careers Blog and personalize your subscription to receive job alerts and the latest news tailored to your preferences. Discover the rewarding career opportunities waiting for you at Nordstrom, where we turn jobs into pathways for professional growth and personal achievement. Join us and be part of a company that values innovation, leadership, and a diverse and inclusive workplace.
Learn more about Nordstrom
Size
60,000 employees
Market Cap
$2.5 billion
Industry
Net Income
-$531 million
Founded
1901
5 Year Trend
-5.8%
Revenue
$10.7 billion
NASDAQ

Similar Jobs

More Jobs at Nordstrom

More Finance & Insurance Jobs

Find similar Senior Compliance Analyst – Continuous Compliance Framework (Hybrid - Seattle) jobs: