AppSec Jobs
← Back to all jobs

lululemon

Senior Engineer I - Security - International Technology

Seattle, WAWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About lululemon

Lululemon Athletica is a yoga-inspired athletic apparel company founded in 1998 in Vancouver, Canada, by Chip Wilson. The company designs and sells high-performance athletic wear for both women and men, catering to various sports and fitness activities. Lululemon started as a design studio and opened its first retail store in 2000. It went public in 2007 and expanded into Europe in 2014. Initially focused on women's yoga wear, Lululemon's product line has grown to include accessories, outerwear, and a dedicated men's line. The company is known for its proprietary Luon fabric, which offers durability and comfort. Lululemon stores also serve as community hubs, promoting healthy living and mindfulness while connecting fitness enthusiasts. The brand targets active individuals who seek stylish and functional athletic wear.

Industry

retail

Employees

39,000

1026 engineers

Revenue

$11B

Website

Visit →

Security at lululemon

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Stated AppSec Mission: 'Embed secure development practices across the SDLC' – Job ID 57297 .
  • Developer Enablement: The team focuses on 'DevSecOps integration' and scaling through automation to support development speed. .
  • Risk Philosophy: Employs 'threat modeling' and 'secure coding' to address risks within the business context. .
  • Stated Goals: 'scale vulnerability remediation through automation' – Job ID 57297 .

Security Team

Org Structure & Reporting Line: The AppSec team is described as a 'key leader within the Technology organization' responsible for embedding practices across the SDLC. . Key Public-Facing Leaders: 1. Robert Masse, Head of Cybersecurity (Global) – https://www.linkedin.com/in/robertmasse. Key Quote: 'mature our global AppSec and Vulnerability Management capabilities' – LinkedIn . 2. Zachary B., Security Engineer – https://www.linkedin.com/in/zachary-blum. Key Quote: 'dedicated to improving our vulnerability pipeline' – LinkedIn . 3. Ravi Sharma, Director, Cloud & Platform Engineering – https://www.linkedin.com/in/ravi-sharma-1389708. Key Quote: 'Unified DevSecOps with GitLab' – LinkedIn . Team Size Estimate (as_of:): Information not publicly available. Active AppSec Job Postings (as_of:): 3 identified (Vulnerability Management, SOC, Awareness).

Key Initiatives

Security Champions Program: Information not publicly available. 'Shift Left' in Practice: Described as 'threat modeling, secure coding, and DevSecOps integration' within the SDLC – Job ID 57297 . Vulnerability Management Process: - Intake: 'Record identified vulnerabilities' – Job ID 57252 . - Triage/Remediation: 'create remediation tickets and track their status' – Job ID 57252 . Recent Initiatives: 'Unified DevSecOps with GitLab' to manage 'thousands of repos' – LinkedIn ; 'comprehensive cybersecurity awareness program' – Job ID 57836 .

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.