Headquartered in Southern California, Skechers has spent 30 years helping men, women and kids everywhere look and feel good. Developing comfort technologies is at the foundation of all that we do—delivering stylish, innovative, and quality products at a reasonable price. From our diverse footwear offering to a growing range of apparel and accessories, Skechers is a complete lifestyle brand.

With international business representing over half of our total sales, we have product available in more than 180 countries and significant opportunities for continued expansion worldwide. We sell our collections direct to consumers through more than 4,450 Skechers stores around the globe and Skechers e-commerce sites, as well as through a network of third-party partners.

A MULTI-BILLION-DOLLAR GLOBAL LEADER IN THE FOOTWEAR INDUSTRY.

JOB PURPOSE-

The Cloud Security Engineer at Skechers is a key member of our global information security team who will work as a subject matter expert, trusted partner, and ambassador to help protect Skechers critical customer facing and core business applications. We are looking for someone who is passionate about detecting & preventing security threats, and integrating security tools into daily operations, security architecture, full stack security design, and cloud infrastructure. They will be responsible for the mentorship of fellow contributors within the department, as well as leading projects on behalf of the Information Security Office.

The Cloud Security Engineer is responsible for designing, architecting and implementing security measures for all of Skechers’ cloud computing infrastructure. This includes identifying and mitigating security risks, implementing security controls, and monitoring for security events.

Skechers’ increasingly digital, cloud first technology strategy demands an individual who is well versed in modern application development and public cloud infrastructure and brings a broad understanding of secure development and general information security best practices. The candidate who will find the most success and fulfillment brings a genuine interest and passion for information security, a love for learning, a positive attitude, a desire to roll up their sleeves and dive into the deep end, and a belief that being excellent doesn’t mean you have to give up on having fun. 

ESSENTIAL JOB RESULTS-

• Design and implement security measures for Skecher’s cloud computing infrastructure, including identifying and mitigating security risks, implementing security controls, and monitoring for security events.
• Develop and implement security policies and procedures that align with industry standards and best practices for cloud infrastructure.
• Continuously monitor the cloud environment for potential security threats, vulnerabilities, and other events.
• Work closely with development teams to ensure secure Cloud Infrastructure coding practices and compliance with security policies.
• Stay current on new security threats, technologies, and industry trends to proactively improve the organization's cloud security posture.
• Collaborate with other IT and security teams to ensure seamless integration of cloud security measures within the overall security program.
• Provide guidance and support to other teams in the organization to help them understand and comply with cloud security policies and procedures.
• Continuously improve and update the organization's cloud security infrastructure and controls to meet changing business needs and regulatory requirements.
• Implement technical cloud controls to effectively reduce the risk of cloud-based security vulnerabilities, including drift-resiliency, private cloud network gaps, and web-facing threats.
• Perform threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
• Create, communicate, and continuously monitor and improve metrics and KPIs.
• Manage vendor relationships for both Cloud Security technology & operations.
• Collaborate with the Information Security team to ensure successful completion of our roadmaps and initiatives.
• Contribute positively to the culture of information security across the organization.

SUPERVISORY RESPONSIBILITIES-

• NO.

JOB REQUIREMENTS-

• •n-depth understanding of cloud architecture and security principles, including experience with AWS and Azure and GCP architecture and security controls.
• Familiarity with security compliance standards such as SOC 2, PCI-DSS, and HIPAA and the ability to ensure compliance with these standards.
• Strong understanding of cloud network security, including experience with configuring and managing virtual firewalls, network access control and intrusion detection/prevention systems in cloud environments.
• Experience with cloud-native security monitoring tools and incident response procedures, including the ability to identify, investigate, and respond to security events in cloud environments.
• Knowledge of cloud-specific encryption protocols and the ability to implement them to protect data in transit and at rest.
• Familiarity with cloud-specific security technologies such as AWS Security Hub, Azure Security Center, and similar tools to monitor and manage security posture in cloud environments.
• Knowledge of secure coding practices and the ability to work with development teams to ensure that Cloud resources are designed and built with security in mind.
• Familiarity with various security tools and technologies, such as Identity and Access Management (IAM), Key Management Service (KMS), and security information and event management (SIEM) systems.
• Strong analytical and problem-solving skills with the ability to identify and mitigate potential security risks.
• Strong verbal and written communication skills to effectively present security concepts and solutions to technical and non-technical audiences.
• Experience with cloud infrastructure automation and configuration management tools like AWS CloudFormation, Azure ARM templates, and Ansible, Chef or Puppet is a plus.

EDUCATION AND EXPERIENCE-

• 4+ years of hands on development, IT infrastructure, cloud engineering or related experience 
• 2+ years of experience in security assessments against cloud platforms or applications, cloud engineering, or cloud security engineering
• Strong understanding of cloud & cloud-native technology with specific understanding of how security risks manifest in those environments 
• Deep experience with Amazon Web Services
• Strong knowledge of network and application protocols and their associated security implications (TCP/IP, HTTP, TLS, SSH, DNS, etc.)
• Experience with programming & scripting languages such as Java, .NET, Python, Perl, PowerShell, Scala, etc. a plus
• GIAC, Cloud+, or AWS Security Certified a plus

QUALIFICATIONS-

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The skills, abilities and physical demands described are representative of those duties that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities, who are otherwise qualified for the job position, to perform the essential functions.

PHYSICAL DEMANDS-

While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or feel, and talk or hear.  The employee frequently is required to walk; sit, reach with hands and arms, and stoop, kneel. The employee is occasionally required to sit for long period of times.

All your information will be kept confidential according to EEO guidelines.

Salary range for this position is $115,000-$160,000/year. 

Benefits:

• Paid Parental Leave: including time for fathers and adopting parents.
• Short term & long term disability and life insurance at no cost to the employee.
• Extensive medical, dental, and vision plans with multiple carries, including EPO,HPN and PPO plans.
• Competitive 401k plan and employer matching.
• Health Savings Account (HSA) and Flexible Savings Account (FSA) offerings.
• Paid vacation, sick, personal and holiday time.
• Pet Insurance available.
• Onsite wellness programs at company headquarters including fitness classes, acupuncture, and chiropractor.
• Employee stock purchase program
• Employee product discount of 50%; employee sample sales and family and friends discount throughout the year. 
• Skechers Company Culture and growth strategy is deeply infused with internal career growth and opportunities for learning.