Headquartered in Southern California, Skechers has spent nearly 30 years helping men, women and kids everywhere look and feel good. Developing comfort technologies is at the foundation of all that we do—delivering stylish, innovative, and quality products at a reasonable price. From our diverse footwear offering to a growing range of apparel and accessories, Skechers is a complete lifestyle brand.

With international business representing over half of our total sales, we have product available in more than 170 countries and significant opportunities for continued expansion worldwide. We sell our collections direct to consumers through more than 4,000 Skechers stores around the globe and Skechers e-commerce sites, as well as through a network of third-party partners.

A MULTI-BILLION-DOLLAR GLOBAL LEADER IN THE FOOTWEAR INDUSTRY.

JOB PURPOSE-

 Working as part of the information security office within the IT department at Skechers, the GRC analyst will be responsible for leading the day-to-day IT compliance, data governance, and IT risk management functions. The role will include primary responsibility for defining, creating, and managing IT and organizational policies and standards in support of legal and regulatory compliance needs as well as general IT and organizational information security practices.

ESSENTIAL JOB RESULTS-

 ·      Collaborate to define IT security standards and develop supporting organizational policies.

·      Perform security and compliance assessments on new and existing systems, processes, technology.

·      Support vendor due-diligence process and help to lead and maintain overall third-party risk management efforts.

·      Work with various business units to ensure controls are adequate, appropriate, and effective.

·      Support internal and external audit process for relevant compliance concerns including PCI-DSS, SOX, GDPR.

·       Participate in disaster recovery and business continuity planning.

·      Perform business impact analysis and assist with development of IT/InfoSec risk register.

·       Interface with global IT and business partners to provide guidance and support.

·       Perform periodic gap assessments to validate compliance on an ongoing basis.

·      Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

ADDITIONAL RESPONSIBILITIES-

•       Other duties as assigned.

SUPERVISORY RESPONSIBILITIES-

 •       No

JOB REQUIREMENTS-

·      Significant experience with legal and regulatory compliance standards such as PCI-DSS, SOX, GDPR, HIPAA, CaCPA, etc.

·      Familiarity with ISMS and security frameworks, particularly NIST Cybersecurity Framework.

·      Strong understanding of fundamental information security concepts and technology.

·      Experience with IT GRC/IRM platforms (Oracle, RSA Archer, MetricStream, etc.).

·      Experience with IT governance, risk, and compliance management in a large global environment.

·       Excellent written and oral communication skills.

·       Strong work ethic with attention to detail.

·       Ability to excel in a fast paced and rapidly changing environment.

EDUCATION AND EXPERIENCE-

·       Bachelor’s degree in related field or equivalent work experience.

·       ISACA or (ISC)2 Certification a plus.

All your information will be kept confidential according to EEO guidelines.