Application Security Engineer at Skechers

WHO WE ARE:Headquartered in Southern California, Skechers—the Comfort Technology Company®—has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand.ABOUT THE ROLE:Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams.The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design.WHAT YOU'LL DO:Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applicationsConduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teamsEstablish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measuresEnhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process.Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positivesProvide analysis and support as needed during security incidents to contribute to faster resolution timesWHAT YOU'LL BRING:Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologiesStrong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practicesExperience with at least one programming language (Java, Python, JavaScript, C#, or similar)Knowledge of API security, authentication mechanisms, and authorization frameworksFamiliarity with DevSecOps practices and CI/CD pipeline integrationREQUIREMENTS:3-5 years of hands-on application security experience with demonstrated expertise in secure code reviewRetail or e-commerce experience a plusThe pay range for this position is $110,000-$155,000/yr USD.