Application Security Engineer

Headquartered in Southern California, Skechers—the Comfort Technology Company®—has spent over 30 years helping men, women, and kids everywhere look and feel good. Comfort innovation is at the core of everything we do, driving the development of stylish, high-quality products at a great value. From our diverse footwear collections to our expanding range of apparel and accessories, Skechers is a complete lifestyle brand.

Skechers is seeking a passionate Application Security Engineer to join our team and serve as a security champion who bridges the gap between development and security operations. This role is critical to strengthening our security posture by embedding security practices throughout the software development lifecycle and fostering a security-first culture across our development teams.

The ideal candidate will be a hands-on security professional who thrives on collaboration, enjoys mentoring developers, and has the technical expertise to identify vulnerabilities while providing practical remediation guidance. You will play a pivotal role in scaling our application security program and ensuring our applications are secure by design.

• Successfully integrate security practices into development workflows, resulting in measurable reduction of security vulnerabilities in production applications
• Conduct thorough security-focused code reviews that identify critical vulnerabilities while providing actionable feedback to development teams
• Establish and implement efficient processes for triaging, prioritizing, and tracking remediation of security findings with clear SLAs and accountability measures
• Enhance developer engagement through proactive security awareness initiatives, building trusted relationships that enable developers to implement secure coding practices throughout the development process.
• Assist with management and optimization of SAST, DAST, OSS, WAF, and other application security tools to maximize coverage and minimize false positives
• Provide analysis and support as needed during security incidents to contribute to faster resolution times

• Proficiency with application security tools including SAST, DAST, dependency scanning, and WAF technologies
• Strong understanding of common web application vulnerabilities (OWASP Top 10) and secure coding practices
• Knowledge of API security, authentication mechanisms, and authorization frameworks
• Familiarity with Dev Sec Ops  practices and CI/CD pipeline integration

• 3-5 years of hands-on application security experience with demonstrated expertise in secure code review
• Retail or e-commerce experience a plus

The pay range for this position is $110,000-$155,000/yr USD.