This listing has expired and therefore is not publicly viewable.

Data Security Analyst
Company Skechers
Location Manhattan Beach, CA or Remote
Preferred GIAC Certifications GISP, GCCC, GLEG
Travel 1%
Salary Not provided
Contact Name Brett Cumming
Contact Email brettc/at/
Expires 2022-07-28

Job Description

Working as part of the Information Security Office within the IT department at Skechers, the Data Security Analyst will be responsible for leading the day-to-day operations relating to data security and data governance enterprise wide. The role will include primary responsibilities for defining and managing the organizational data security strategy through developing policies and technical standards as well as ensuring alignment with legal and regulatory compliance needs. More specifically, this role will ensure the information stored on computers or networks is not disclosed to unwanted parties or modified inadvertently impacting Skechers in a negative fashion.


Collaborate with Security, Engineering and Data teams to incorporate strong security controls, apply security best practices as well as mitigate risks and vulnerabilities.
Develop data security policies, procedures and technical standards
Discover, map and classify personal information across the business and its information systems, including Skechers software products.
Collaborate with programmers, engineers, and organizational leaders to identify opportunities for process improvements, recommend system modifications based on data governance policies set forth.
Ensure that data is appropriately de-identified where required and develop a process to audit data warehouses to ensure ongoing compliance with legal requirements and privacy policies.
Work with our Legal Team to transform privacy policies and standards into actionable processes and procedures that help Skechers build privacy into our everyday operations and processes.
Advise peers in Engineering on how to implement privacy controls and identify areas of concern or risk in Skechers solutions. Translate privacy policies into actionable software engineering requirements.
Manage privacy impact assessments and perform reviews of Skechers business processes.
Identify potential privacy issues in Skechers products. Recommend projects to address the privacy concerns you’ve identified.
Evaluate changes and updates to source production systems and communicate potential impact to overall data security strategy.
Prepare reports for executive leadership that effectively communicate trends, patterns, and predictions using relevant data.

3+ years experience implementing Data Security Governance strategies and technologies in a complex software delivery or telecommunications company.
Experience creating requirements for technical solutions to enable a consistent level of data security as well as performing gap assessments against those requirements.
Experience leveraging data catalog/inventory, data governance controls, data flow mapping, and data flow controls to run a data security program.
Functional knowledge of ISO 27001-2, NIST 800-53, CIS, common data security legal and regulatory requirements and ability to identify actionable and scalable solutions to gaps identified.
Have extraordinary organizational, analytical, and problem-solving skills.
Have a broad understanding of the technical implementations surrounding data security governance strategies, including data protection, access controls, and resiliency.
Ability to work with stakeholders to assess potential risks.
Ability to analyze existing tools and databases and provide software solution recommendations.
Ability to translate business requirements into non-technical, layman’s terms.
High-level written and verbal communication skills.
Working knowledge of CCPA and GDPR requirements and their applicability to Skechers’ business
Experience with various DLP solutions.
Ability to excel in a fast paced and rapidly changing environment.

Bachelor’s degree in related field or equivalent work experience desired.
Experience with Data Security & Governance tools is a plus (i.e., OneTrust,, Egnyte etc.)
GIAC Certification is a plus.