KnitWell Group
Application Security Analyst
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About KnitWell Group
KnitWell Group is a prominent specialty apparel company in the United States, known for its portfolio of iconic American fashion brands with over 400 years of combined retail experience. Founded and led by women, the company emphasizes a commitment to women-driven brands, empowering both customers and associates. With around 20 million loyal customers and more than 3,000 retail stores worldwide, KnitWell Group generates approximately $6 billion in annual sales. The company offers a range of chic and versatile fashion primarily for women, including plus-size apparel, catering to diverse lifestyles and body types. Its well-known brands, such as Ann Taylor, Lane Bryant, and Talbots, maintain unique identities while benefiting from the collective strength of the group. KnitWell Group also focuses on providing a comprehensive customer experience and fosters a culture of respect and collaboration, offering diverse career opportunities and supporting individual development for its approximately 45,000 associates.
Security at KnitWell Group
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
“The stated AppSec mission and priorities for KnitWell Group include application security assessments, DAST, SAST, SCA, pen-testing, and remediation. The team's approach to developer enablement involves "integrations and automation related to DevSecOps"and collaboration with engineering teams. Their risk philosophy incorporates "Knowledge on Threat Modeling and DevSecOps."Robyn Ready, as CISO, is responsible for security, IT risk, IT compliance, and privacy at KnitWell Group. Information on stated pain points or goals is not publicly available.”
Security Team
The AppSec team's reporting line is "Under the direction of the Director for Cyber Security Operations."Robyn Ready is identified as a key public-facing leader, holding the titles of "CISO, KnitWell Group"and "SVP, CISO."A team size estimate is not publicly available. The number of active AppSec job postings is not explicitly provided.
Key Initiatives
The KnitWell Group's vulnerability management process involves performing false positive analysis for scan results, analyzing security risks, and creating vulnerability reports with recommendations, along with participation in incident response. However, no public text was found describing SLAs, ticketing tools, or formal triage SLAs. Information regarding a Security Champions program is not publicly available. Specific pre-commit, IDE, or CI/CD security actions ('Shift Left' in Practice) are not explicitly detailed beyond general mentions of DevSecOps integrations. No public evidence was found for a published formal secure SDLC policy beyond references to Threat Modeling, SAST/DAST, and pentesting. Recent AppSec-specific initiatives announced in the last 6 months are also not publicly available.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.