Sr IT Engineer Data

OVERVIEW

Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability-and is recognized that way. We've been defined as a "mature start-up." A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.

We're engineering for the future of retail, and it's no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you'll find that virtually nothing's impossible at Ulta Beauty.

THE IMPACT YOU CAN HAVE:

The Senior Engineer - Data Protection has significant responsibilities related to securing Ulta's data. Their primary focus is the security of Ulta's structured and unstructured collaboration data (emails, IM's, documents, files) stored in legacy on-premises deployments and other SaaS or web service solutions. They will also focus on providing security best practices to a wide array of project teams to reasonable security of our sensitive data.

The Engineer collaborates with other members of the team (including onshore and offshore consultants), to ensure successful delivery of enterprise products and improve our information security posture. They work closely with key stakeholders and maintain high quality standards while operating in a highly dynamic and fast paced environment.

YOU'LL ACCOMPLISH THESE GOALS BY:

Application Support: Develops procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures.

Business Process Improvement: Analyzes business processes; evaluates alternative solutions, assesses feasibility, and recommends new approaches, typically seeking to exploit technology components. Evaluates the financial, cultural, technological, organizational and environmental factors which must be addressed in the change program. Develops business requirements for the implementation of significant changes in organizational mission, business functions and process, organizational roles and responsibilities, and scope or nature of service delivery.

Information Management: Ensures that the business processes and information required to support the organization are defined and devises appropriate standards, processes and data architectures. Evaluates the impact of any relevant statutory, internal or external regulations on the organization's use of information and develops strategies for compliance.

Problem Management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Leads the development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Evaluates patterns and trends.

Relationship Management: Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to. Uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management. Contributes to the development and enhancement of customer and stakeholder relationships. ADDITIONAL RESPONSIBILITIES:

Partner with technical and non-technical team members to assess security risk in business solutions, across varied systems and landscapes. Recommend, develop, deploy, and monitor appropriate mitigating controls. Document and socialize residual risk.

Collaborate with cloud experts and cloud novices through an infosec modernization of our cloud- native compute and data analytics platforms that rises to meet current threats

Identify analytical points of interest in raw data exports from security tooling and infrastructure systems, merging with other data sources, and build repeatable reports for management consumption

Develop and deploy automated solutions to monitor, alert, and remediate security and compliance findings in public cloud infrastructure and deployed code THE ESSENTIALS FOR SUCCESS:

Bachelor's degree in computer science, a related field, or applicable work experience

5+ years of experience in implementing and advising projects on data protection controls across the enterprise.

3+ years of experience in cloud security solutions, security data protection assessments, Integrations and programming abilities (PowerShell, Python, YAML, Webservices APIs).

Proven experience with Microsoft 365 Security including Microsoft 365 Defender, Microsoft Purviews, and Defender for Cloud Apps

Knowledge in Google Cloud platform and Azure services preferable.

Certifications - Microsoft certified: Information Protection Administrator associate, Microsoft certified Azure security engineer, Google certified security engineer, CISSP, CCSP, CISA, CISM. (Preferred)

Proficient knowledge of data protection laws and awareness of relevant guidelines

Experience in developing data protection policies and standards

Has experience in socializing data protection awareness across the organization

Demonstrate a working knowledge of NIST, ISO 27001 or ISO 27018, SOC security and privacy principles and provide practical examples of their application across the technical domain.

Knowledge of IT security and privacy risks and best practice controls across multiple technologies and processes

Experience performing IT security and privacy risk assessments / audits, using defined risk management approaches and processes

Proven ability to design, document, and implement reusable security patterns.

Experience with AD group structuring.

Strong leadership skills in accountability and customer focus

Proactive and able to catch issues before failures

Experience interacting with business users and vendors including vendor management

Strong analysis/troubleshooting skills

Excellent communication skills; feels comfortable working with non-technical business partners

Work with production support and project consultants in an onshore / offshore model

Flexibility of providing support during odd hours, weekends, and peak seasons

Minimal travel required (training/conferences

The pay range for this position is $102,900.00 - $130,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company's bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page:

ABOUT

At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty's own private label. Ulta Beauty also offers a full-service salon in every store featuring-hair, skin, brow, and make-up services.

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.