Sr IT Engineer Cloud Security

OVERVIEW

Live the experience . From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability-and is recognized that way. We've been defined as a "mature start-up." A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.

We're engineering for the future of retail, and it's no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you'll find that virtually nothing's impossible at Ulta Beauty.

THE IMPACT YOU CAN HAVE :

You'll be a key contributor in automating and enforcing cloud security across Ulta Beauty's GCP ecosystem - building guardrails, securing workloads, and integrating real-time detection and remediation capabilities to keep our cloud environments safe and compliant at scale. Ulta Beauty is seeking a Senior Cloud Security Engineer with deep, hands-on experience in securing and automating workloads within Google Cloud Platform (GCP). This role is responsible for implementing and maintaining scalable security controls, integrating security into CI / CD pipelines, and automating monitoring and remediation processes to protect data, identities, and workloads across cloud environments.

The ideal candidate has strong technical depth in GCP IAM, network security, and workload protection , with a focus on execution and automation , not architecture or solution design.

YOU'LL ACCOMPLISH THESE GOALS BY :

Cloud Security Implementation

• Configure, deploy, and maintain data and infrastructure security controls across GCP and Azure environments (projects, folders, and org-level).
• Design and enforce Identity and Access Management (IAM) configurations - roles, service accounts, and permissions - following least-privilege and zero-trust principles .
• Implement network security measures such as firewall rules, VPC Service Controls, Private Service Connect, and secure interconnects to safeguard data in motion.
• Secure GCP and Azure services including Cloud Storage, GKE, Cloud SQL, Pub / Sub, Cloud Functions, and Dataflow with a focus on data confidentiality and workload isolation .
• Implement data encryption and key management strategies using Cloud KMS, CMEK, and HSM integrations .
• Automate configuration baselines, guardrails, and policy enforcement using Terraform, Cloud Build, or Deployment Manager .
• Integrate cloud-native security tools (Security Command Center, Cloud Logging, Cloud Monitoring) for visibility, compliance, and anomaly detection .
• Develop automation scripts and tooling (Python, PowerShell, Go) to detect, notify, and remediate misconfigurations or security drift.
• Build and maintain CI / CD integrations for vulnerability scanning, policy validation, and data protection controls.
• Use APIs and SDKs to connect cloud security data to central logging, SIEM, or analytics platforms (Chronicle, Splunk, Elastic).
• Implement automated workflows for security posture management, access reviews, and incident response .

Monitoring & Incident Response

Compliance & Risk Management

Collaboration & Support

ESSENTIALS FOR SUCCESS :

Preferred Certifications

Soft Skills

#LI - HYBRID

#LI - ML1

The pay range for this position is $102,900.00 - $145,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company's bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page :

ABOUT

At Ulta Beauty (NASDAQ : ULTA), the possibilities are beautiful . Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty's own private label. Ulta Beauty also offers a full-service salon in every store featuring-hair, skin, brow, and make-up services.

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.