Full Job Description
Join the thousands of innovators, advocates and forces who are making an impact every day at one of the biggest footwear brands in the world. Whether you love to connect with consumers on the retail floor or want to drive our award-winning powerhouse in new directions, the SKECHERS team is the place to be. Learn more about our brand at skx.com.
The Security Architect at Skechers is a subject matter expert across information security domains who helps enable various technology teams to build with a security-by-design philosophy. They are expected to be a technical thought leader for information security both inside the function as well as across the business, and to use their skills and expertise to help set the tone and direction of the information security program.
The role will involve working closely with various infrastructure, application, and business teams globally to provide guidance and thought leadership, as well as helping to lead design and discovery for emerging tools, capabilities, and processes in support of security operations and information technology use cases. The candidate who will find the most success and fulfillment brings a genuine interest and passion for information security, a desire to roll up their sleeves and dive into the deep end, and a belief that being excellent doesn’t mean you have to give up on having fun.
Essential Job Results
Review IT infrastructure, applications and systems to identify design gaps and recommend security enhancements as needed
Develop internal standards and practices for data protection including encryption, tokenization, masking, anonymization, etc. based on the organization's data classification criteria and business requirements
Develop internal standards and practices to support infrastructure and operational assurance such as secure network design, remote access controls, secure practices for PAM/IAM, etc.
Provide guidance and direction in the best-practices implementation of security technologies such as firewalls, intrusion prevention/detection, secure email gateways, endpoint protection, SIEM/UEBA, etc.
Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
Create conceptual and technical design artifacts in alignment with long term business and enterprise security strategies
Interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers
Participate in business and IT initiatives as an information security architecture expert in order to provide of guidance on proper security practices
Assist with making key decisions on security initiatives and acting as quality gatekeeper for security signoff
Evaluate technical designs, operational methods, business process, and other IT and business artifacts for their alignment with the enterprise security architecture
Maintain security architecture compliance in adherence with PCI-DSS, SOX, HIPAA/HITECH, GDPR, CCPA, as well as various other global data privacy requirements, and state and federal regulations
Advise and maintain Skechers’ strategic enterprise technology plan; develop and refine architectural governance, standards, and policy within the IT department.
Other duties as assigned.
Full-stack knowledge of IT infrastructure:
Operating systems (Windows, Unix and Linux)
Networking (Wired/Wireless, WAN, LAN)
Enterprise backup and recovery
Workstations, Servers, and Mobile devices
Hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology
Strong familiarity with SaaS/PaaS/IaaS and associated security implications
Experience designing and/or securing the deployment of applications and infrastructure into public cloud services (AWS, Azure, GCP)
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
An understanding of the impact that digital and emerging business and end-user technologies have on information security posture and risk factors
Demonstrated technical expertise in existing security and IT systems and an ability to keep pace with changing security and IT technologies
Excellent written and oral communication skills, with the specific ability to translate complex technology and information security related concepts into terms that are easily understood by members of other technology teams and lines of business
Excellent documentation skills, including experience creating and maintaining architectural governance, process, standards, and policy.
A team-focused mentality with the proven ability to work effectively with diverse stakeholders
Strong work ethic with attention to detail
Ability to excel in a fast paced and rapidly changing environment
Education and Experience
8+ years of experience cumulatively across IT security, systems, network, infrastructure, or software engineering roles
GIAC, ISACA, or (ISC)2 Certification a plus
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The skills, abilities and physical demands described are representative of those duties that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities, who are otherwise qualified for the job position, to perform the essential functions.
All your information will be kept confidential according to EEO guidelines.
While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or feel, and talk or hear. The employee frequently is required to walk; sit, reach with hands and arms, and stoop, kneel. The employee is occasionally required to sit for long period of times.