Cloud Security Engineer
- 225 S Sepulveda Blvd, Manhattan Beach, CA 90266, USA
- Employment Status: Regular
Headquartered in Southern California, Skechers has spent nearly 30 years helping men, women and kids everywhere look and feel good. Developing comfort technologies is at the foundation of all that we do—delivering stylish, innovative, and quality products at a reasonable price. From our diverse footwear offering to a growing range of apparel and accessories, Skechers is a complete lifestyle brand.
With international business representing over half of our total sales, we have product available in more than 170 countries and significant opportunities for continued expansion worldwide. We sell our collections direct to consumers through more than 4,000 Skechers stores around the globe and Skechers e-commerce sites, as well as through a network of third-party partners.
A MULTI-BILLION-DOLLAR GLOBAL LEADER IN THE FOOTWEAR INDUSTRY.
The Cloud Security Engineer at Skechers is a key member of our global information security team who will work as a subject matter expert, trusted partner, and ambassador to help protect Skechers critical customer facing and core business applications. We are looking for someone who is passionate about detecting & preventing security threats, and integrating security tools into daily operations, security architecture, full stack security design, and cloud infrastructure. They will be responsible for the mentorship of fellow contributors within the department, as well as leading projects on behalf of the Information Security Office.
Skechers’ increasingly digital, cloud first technology strategy demands an individual who is well versed in modern application development and public cloud infrastructure and brings a broad understanding of secure development and general information security best practices. The candidate who will find the most success and fulfillment brings a genuine interest and passion for information security, a love for learning, a positive attitude, a desire to roll up their sleeves and dive into the deep end, and a belief that being excellent doesn’t mean you have to give up on having fun.
ESSENTIAL JOB RESULTS
- Collaborate with various groups in the global technology organization in developing & implementing Cloud Security initiatives to ensure continuous alignment with security standards & requirements across all cloud environments.
- Implement technical cloud controls to effectively reduce the risk of cloud-based security vulnerabilities, including drift-resiliency, private cloud network gaps, and web-facing threats.
- Perform threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
- Work with Application, DevOps, & Cloud teams to provide remediation guidance and perform post-remediation validation
- Utilize agile methodology by making iterative progress toward achieving individual, team, and organizational objectives.
- Monitor industry trends around cloud security to keep requirements and solutions in line with the threat landscape.
- Stay up to date and informed on changing IT and information security trends
- Create, communicate, and continuously monitor and improve metrics and KPIs
- Manage vendor relationships for both technology & operations
- Collaborate effectively with diverse internal teams to help drive security maturity
- Collaborate with the Information Security team to ensure successful completion of our roadmaps and initiatives.
- Contribute positively to the culture of information security across the organization
- Knowledge of security best practices in hardening & protecting cloud environments, networks, servers, endpoints, applications, and database.
- Experience in running & maintaining software, operating a large cloud deployment, or creating & triaging alerts around the health & security of systems.
- Deep experience providing security threat assessments, considerations, and technical guidance for cloud/application/network architecture.
- Experience with IT and cybersecurity architecture across the systems development lifecycle in cloud security engineering, requirements development, implementation, and maintenance.
- Familiarity with security tools & technologies such as KMS, Inspector, AWS WAF, Shield, Security Hub, Secrets Manager, Firewall Manager, Amazon Detective, Macie, IAM, proxies, IPS/IDS devices, CSPM, CWPP, etc.
- Ability to communicate issues effectively to both technical and non-technical audiences
- Experience working with security vendors and developing recommendations based on evaluating products and analyzing functionality
- Excellent written and oral communication skills
- Excellent analytical skills, organizational skills, ingenuity, and ability to work as part of a team.
- Experience with infrastructure and security operations, vulnerability management, and patch and configuration management.
- Strong work ethic with attention to detail
- Ability to excel in a fast paced and rapidly changing environment
- Up to date with security attacks and latest security research
EDUCATION AND EXPERIENCE
- 5+ years of hands on development, IT infrastructure, cloud engineering or related experience
- 2+ years of experience in security assessments against cloud platforms or applications, cloud engineering, or cloud security engineering
- Strong understanding of cloud & cloud-native technology with specific understanding of how security risks manifest in those environments
- Deep experience with Amazon Web Services
- Strong knowledge of network and application protocols and their associated security implications (TCP/IP, HTTP, TLS, SSH, DNS, etc.)
- Experience with programming & scripting languages such as Java, .NET, Python, Perl, PowerShell, Scala, etc. a plus
- GIAC, Cloud+, or AWS Security Certified a plus
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The skills, abilities and physical demands described are representative of those duties that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities, who are otherwise qualified for the job position, to perform the essential functions.
While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or feel, and talk or hear. The employee frequently is required to walk; sit, reach with hands and arms, and stoop, kneel. The employee is occasionally required to sit for long period of times.