Penetration Tester 2 (Hybrid - Seattle)

Seattle, WA

Full-time

Hybrid

$122K/yr - $188K/yr

Entry, Mid Level

Nordstrom is committed to delivering exceptional customer experiences while maintaining high security standards. The Penetration Tester II will conduct penetration tests across various environments, identify vulnerabilities, and collaborate with senior team members on complex engagements.

Apply Now

Responsibilities

Independently plan and execute reconnaissance activities across diverse systems and environments
Conduct standard penetration tests independently across networks, applications, and cloud environments with moderate support from Senior Analysts
Perform authenticated and unauthenticated testing to identify and confirm exploitable vulnerabilities
Execute exploitation of discovered vulnerabilities and thoroughly document security impact
Tune scanning and enumeration tools to minimize false positives and validate findings
Participate in purple team engagements, carrying out scripted simulations, and validating results
Document findings with detailed titles, affected assets, scope, and reproducible evidence
Provide actionable remediation guidance and safe interim mitigation strategies
Collaborate with development and infrastructure teams to validate fixes

Qualification

Required

2-4 years of hands-on experience in penetration testing, offensive security, ethical hacking, or related security assessment roles
Working knowledge of common penetration testing tools and frameworks (Cobalt Strike, Metasploit, Burp Suite, Nmap, BloodHound, or similar)
Understanding of network protocols, operating systems (Windows, Linux, macOS), and cloud platforms (AWS, Azure, GCP)
Familiarity with Active Directory, authentication mechanisms, and common exploitation techniques
Experience with scripting languages (Python, Bash, PowerShell)
Strong analytical and problem-solving skills with attention to detail
Clear written and verbal communication skills, including ability to translate technical findings for diverse audiences
Ability to work independently while knowing when to escalate or seek guidance
Strong organizational skills and ability to manage multiple concurrent assessments
Commitment to ethical standards and discretion when handling sensitive security information
Bachelors Degree or Masters in Information Technology, Computer Science, Cybersecurity or related experience required
Relevant certification(s) (e.g., Pentest+, CEH, GPEN, OSCP)

Preferred

Security Testing: Executes penetration tests and validates vulnerabilities
Security Engineering: Automates testing tasks and supports remediation
Threat Analysis: Identifies risks and communicates technical findings

Benefits

Medical/Vision, Dental, Retirement and Paid Time Away
Life Insurance and Disability
Merchandise Discount and EAP Resources
401k, medical/vision/dental/life/disability insurance options, PTO accruals, Holidays, and more.

Nordstrom is an online fashion retailer that specializes in fashion, footwear, accessories, and beauty.

Glassdoor