Cybersecurity Risk Analyst at Skechers

Manhattan Beach, California, United States

Not SpecifiedCompensation

Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Cybersecurity, RetailIndustries

Strong technical foundation in network security, system hardening, vulnerability management, and enterprise security architectures
Practical experience implementing security frameworks - hands-on work with NIST Cybersecurity Framework, NIST 800-53 controls, or CIS Controls in operational environment
Understanding of threat landscapes including MITRE ATT&CK framework, threat intelligence, and attack methodologies targeting retail/enterprise environment
Strong analytical skills for translating technical vulnerabilities into business risk scenarios and communicating security risks to non-technical stakeholders
Experience with technical risk assessment and the ability to quantify and prioritize risks based on likelihood and business impact
Understanding of retail security challenges including PCI-DSS, customer data protection, and supply chain security considerations
Proven ability to work with technical teams including security engineers, system administrators, and developers to drive security improvements
Excellent communication skills with ability to present complex technical concepts to diverse audiences including executive leadership
Self-motivated problem solver who thrives in collaborative, cross-functional environments
4-5 years of cybersecurity experience with some history of hands-on technical work
Retail or e-commerce experience a plus

Perform security control evaluations using NIST 800-53 and CIS Controls as implementation guides rather than compliance checklists - assessing actual security posture and effectiveness against real-world threats
Analyze and prioritize cyber risks based on technical likelihood, business impact, and threat intelligence - translating complex security vulnerabilities into actionable risk scenarios for stakeholders
Drive technical risk remediation by working directly with technical teams and business stakeholders to align on and execute security improvements
Maintain and evolve the cyber risk register with technically accurate risk descriptions, realistic threat scenarios, and meaningful metrics that reflect real security posture improvements
Assess third-party security risks through technical security questionnaires, penetration test reviews, and security architecture analysis in addition to vendor compliance documentation
Collaborate with security operations teams to incorporate threat intelligence, incident findings, and vulnerability data into risk assessments and prioritization decisions
Help mature risk-based security metrics that measure security improvements and threat reduction rather than compliance percentages
Participate in internal and external audit process for relevant compliance concerns including PCI-DSS, SOX, and GDPR at the enterprise level
Interface with global IT and business partners to provide guidance, risk advisory services and support
Other duties as assigned