Sr IT Manager Cloud Security

OVERVIEW

Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability-and is recognized that way. We've been defined as a "mature start-up." A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.

We're engineering for the future of retail, and it's no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you'll find that virtually nothing's impossible at Ulta Beauty.

THE IMPACT YOU CAN HAVE:

The Senior Manager - Cloud Security will lead the strategic direction, execution, and continuous improvement of Ulta Beauty's cloud security posture across Google Cloud and Microsoft Azure environments. This role is responsible for overseeing the development, deployment, and management of cloud security strategies and solutions that ensure the integrity, confidentiality, and availability of our systems and data. The Senior Manager will work closely with other IT and business leaders to define security best practices, manage risk, and ensure that our cloud infrastructure is secure, compliant, and optimized for performance.

The ideal candidate will possess deep expertise in cloud security, with hands-on experience in securing both Google Cloud and Azure environments. In addition to technical leadership, this role requires a strong ability to influence and collaborate with stakeholders across the organization, ensuring alignment between security, business objectives, and cloud initiatives.

YOU'LL ACCOMPLISH THESE GOALS BY:

• Cloud Security Strategy & Governance:
• Define and execute the strategic direction for cloud security across Google Cloud and Azure environments.
• Establish governance frameworks, security policies, and best practices for securing cloud workloads, services, and data.
• Align cloud security initiatives with Ulta's broader security and business goals, ensuring compliance with industry regulations and internal standards.
• Cloud Infrastructure Security:
• Lead the design, implementation, and ongoing management of security controls within Google Cloud and Azure, including network security, identity and access management (IAM), encryption, threat detection, and vulnerability management.
• Oversee the integration of security tools and platforms to monitor and protect cloud environments, ensuring that cloud resources are securely configured, optimized, and compliant.
• Cloud Security Incident Response & Risk Management:
• Develop and lead incident response strategies for cloud environments, ensuring that any security events in Google Cloud and Azure are swiftly addressed.
• Work closely with the security operations team to identify, assess, and mitigate cloud-specific risks, and lead the response to potential threats or vulnerabilities.
• Participate in regular risk assessments and threat modeling to proactively address potential weaknesses in the cloud security architecture.
• Identity and Access Management (IAM):
• Lead the development and management of IAM strategies across cloud environments, ensuring robust access controls and least-privilege principles are enforced in both Google Cloud and Azure.
• Implement and manage role-based access controls (RBAC), single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM) to protect critical cloud resources.
• Collaboration & Stakeholder Engagement:
• Act as the cloud security subject matter expert, collaborating with cross-functional teams including IT, DevOps, engineering, and compliance to ensure security is embedded throughout the development lifecycle.
• Work closely with internal and external auditors, regulators, and legal teams to ensure adherence to security and compliance requirements across cloud environments.

Primary Responsibilities:

• Cloud Security Automation & Optimization:
• Lead initiatives to automate cloud security controls and processes, using tools like Terraform, CloudFormation, or other infrastructure-as-code (IaC) solutions to enforce security configurations in Google Cloud and Azure.
• Continuously assess and optimize security performance and efficiency in cloud platforms, utilizing cloud-native security tools like Google Cloud Security Command Center and Azure Security Center.
• Cloud Compliance & Regulatory Management:
• Ensure that cloud environments comply with applicable regulatory requirements, such as GDPR, CCPA, HIPAA, and SOC 2, and guide the organization through relevant cloud security audits.
• Lead the implementation of security frameworks like CIS Benchmarks or NIST CSF in both Google Cloud and Azure.
• Cloud Security Training & Awareness:
• Develop and deliver training programs to upskill internal teams on cloud security best practices, secure cloud architecture, and threat detection in Google Cloud and Azure.
• Foster a security-first culture within the organization, ensuring that cloud security considerations are integrated into all stages of the cloud application lifecycle.
• Cloud Security Research & Innovation:
• Stay ahead of evolving threats and trends in cloud security, continuously evaluating new tools, technologies, and methodologies to improve Ulta's cloud security posture.
• Conduct research on emerging cloud security threats and recommend solutions to mitigate risks before they impact the organization.
• Incident Postmortem & Continuous Improvement:
• Lead post-incident reviews to analyze cloud security breaches or near-misses and ensure that corrective actions are taken to strengthen the overall security framework.
• Drive continuous improvement in the cloud security program by analyzing incident data, identifying root causes, and updating processes and tools accordingly.

ESSENTIALS FOR SUCCESS:

• Educational Background:
• Bachelor's degree in Computer Science, Information Security, or related field, or equivalent professional experience.
• Experience:
• 8+ years of experience in IT security, with at least 5 years focused on cloud security in Google Cloud and Azure environments.
• Proven experience leading cloud security initiatives, implementing security controls, and managing security risk in cloud environments.
• Certifications:
• Professional certifications such as Google Professional Cloud Security Engineer, Microsoft Certified: Azure Security Engineer, Certified Information Systems Security Professional (CISSP), or equivalent are strongly preferred.
• Technical Skills:
• Extensive knowledge of cloud security best practices, including security architecture, network security, identity management, and incident response in Google Cloud and Azure.
• Hands-on experience with cloud-native security tools like Google Cloud Security Command Center, Azure Security Center, CloudTrail, and AWS GuardDuty.
• Familiarity with tools for automating cloud security (e.g., Terraform, CloudFormation, Ansible).
• Experience with vulnerability management, encryption, and threat detection in cloud environments.
• Leadership and Collaboration Skills:
• Proven ability to lead and manage cross-functional teams, guiding both technical and non-technical stakeholders on cloud security best practices.
• Strong communication skills, with the ability to present complex security topics to executives, auditors, and technical teams.
• Problem Solving and Critical Thinking:
• Strong analytical skills with the ability to quickly identify issues and determine effective solutions in cloud environments.
• Ability to handle complex security challenges, driving risk reduction strategies while maintaining business agility.
• Other:
• Ability to work flexible hours and provide off-hours support, including participation in a 24x7 on-call rotation.
• Ability to lift and move up to 25 pounds as needed for physical tasks related to IT infrastructure management.

#LI-ML1

#LI-Hybrid

The pay range for this position is $119,300.00 - $180,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company's bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page: https://learn.bswift.com/ulta

ABOUT

At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty's own private label. Ulta Beauty also offers a full-service salon in every store featuring-hair, skin, brow, and make-up services.

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.