
Compliance Analyst

Skechers
Posted Mar 18
Full Time
Manhattan Beach, California

Company Description

Headquartered in Southern California, Skechers has spent nearly 30 years helping men, women and kids everywhere look and feel good. Developing comfort technologies is at the foundation of all that we do—delivering stylish, innovative, and quality products at a reasonable price. From our diverse footwear offering to a growing range of apparel and accessories, Skechers is a complete lifestyle brand.

With international business representing over half of our total sales, we have product available in more than 170 countries and significant opportunities for continued expansion worldwide. We sell our collections direct to consumers through more than 4,000 Skechers stores around the globe and Skechers e-commerce sites, as well as through a network of third-party partners.

Job Description

Skechers USA is seeking an experienced and highly motivated Compliance Analyst to join our team. The ideal candidate will have a passion for problem solving, possess a strong knowledge of various compliance standards and be experienced in risk management. In this role, you will be responsible for: leading and facilitating internal/external audit processes for PCI, SOX and other frameworks; serving as one of the primary liaisons between the security team and the business; monitoring the operational effectiveness of controls in the environment as well as ensuring Skechers' compliance status with applicable laws and regulations. You will also be responsible for contributing to the maintenance and upkeep of security organizational policies and standards as well as working collaboratively with other departments to identify, analyze and mitigate compliance risks. To be successful in this role the candidate must have a strong passion for cybersecurity, be self-driven and take ownership of tasks, have an appetite for taking on new challenges and possess a natural drive and curiosity to continuously innovate and identify areas for process improvement.

Essential Job Responsibilities

  • Lead internal and external audit process for relevant compliance concerns including PCI-DSS, SOX, GDPR at the enterprise level (domestic and international).
  • Manage and perform security and compliance assessments on new and existing systems, processes, technology.
  • Routinely gather evidence for regulatory testing, internal/external audit support, and/or due diligence assessments for technology or information security.
  • Manage and track all compliance remediation activities and drive resolution of open issues.
  • Collect evidence for regulatory tests, internal audit, and/or due diligence assessments for technology or information security.
  • Support ongoing operations related to the maintenance, upkeep and reporting of risks tracked in our Cyber Risk Register.
  • Manage issues through proper identification techniques, root cause analysis, aggregation across enterprise and appropriate close out of those items.
  • Work with various business units to ensure controls are adequate, appropriate, and effective.
  • Assist in designing, creating, and maintaining compliance/risk-based metrics (KPIs) as well as contributing to program reporting.
  • Interface with global IT and business partners to provide guidance, risk advisory services and support.
  • Support periodic gap assessments to validate compliance on an ongoing basis.
  • Collaborate to define IT security standards and develop supporting organizational policies as well as manage policy lifecycle.
  • Support vendor due-diligence process and help to lead and maintain overall third-party management efforts as needed.
  • Support and contribute to enterprise-wide Security Awareness initiatives as needed.
  • Stay up to date and informed on developing regulatory concerns and changing IT and information security trends.

Qualifications

  • Detailed understanding of the industry’s leading cybersecurity frameworks and discernment on when and how those should be applied (e.g. NIST, ISO 27000 series, CIS Controls, CCM, etc.)
  • Significant experience with legal and regulatory compliance standards such as PCI-DSS, SOX, GDPR, HIPAA, CPRA etc.
  • Great understanding of fundamental information security concepts and technology.
  • Experience with IT GRC/IRM platforms (Oracle, RSA Archer, MetricStream, etc.).
  • Experience with IT governance, risk, and compliance management in a large, global environment.
  • Excellent written and oral communication skills.
  • Strong work ethic with attention to detail.
  • Ability to excel in a fast-paced and rapidly changing environment.

Education And Experience

  • 3-5 years of experience in similar role and/or information security function
  • Bachelor’s degree in related field or equivalent work experience.
  • GIAC, (ISC)2, or ISACA Certification a plus

Additional Information

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The skills, abilities and physical demands described are representative of those duties that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities, who are otherwise qualified for the job position, to perform the essential functions.

PHYSICAL DEMANDS-

While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or feel; and talk or hear. The employee frequently is required to walk, sit, reach with hands and arms, stoop, and kneel. The employee is occasionally required to sit for long periods of time.

All your information will be kept confidential according to EEO guidelines.

The salary range for this position is $95,00-$130,000 USD.
