Role Description Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability—and is recognized that way. We’ve been defined as a “mature start-up.” A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are. We’re engineering for the future of retail, and it’s no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you’ll find that virtually nothing’s impossible at Ulta Beauty. Qualifications - Bachelor’s degree in Computer Science, or related. - Five (5) years in any occupation with development or related experience. - Three (3) years development experience including scripting with Powershell, Python, YAML, WebService APIs. - Experience with Google Cloud Platform services, ensuring security and compliance data and workloads. - Experience with Cloud CSPM tools (Palo Alto Prisma Cloud) to detect, notify, and remediate security misconfigurations. - Experience integrating code scanning for vulnerabilities into CI/CD pipelines for Cloud Native deployments. - Experience with AD group structuring, Google Cloud Directory Sync (GCDS), and SAML 2 federated authentication. - Experience implementing architectural big data security patterns in a scalable and consistent manner. - Experience applying industry standard cyber security frameworks and vendor blueprints to business problems. - Experience performing enterprise security risk assessments and selecting appropriate technical controls. - Experience designing, documenting, and implementing reusable security patterns. Requirements - Employer will accept a Master’s degree in Computer Science, or related and three (3) years in any occupation with development or related experience. - Must have skills listed above. Benefits - Salary: $143,333 - $144,333 per year. - Opportunity for eligible associates to earn additional compensation pursuant to the Company’s bonus plan. - Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. - Part-time positions are eligible for dental, vision, life, and disability benefits. - For additional information concerning our benefits, visit our Benefits and Career Development page: Benefits and Career Development . Company Description At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty’s own private label. Ulta Beauty also offers a full-service salon in every store featuring—hair, skin, brow, and make-up services.

• Deploy, configure, and maintain(as L3) endpoint security solutions • Own the end-to-end vulnerability management process for endpoints • Develop and enforce endpoint hardening standards • Collaborate with the SOC and other security teams to correlate endpoint telemetry with network and cloud events for threat detection and response • Participate in the resolution of endpoint-related security incidents • Support and administer the existing Splunk deployment - ensuring stability, data source coverage, and platform reliability; drive its evolution as a Security BI platform through advanced dashboards, metrics, and reporting tailored to endpoint security and management needs

• design and develop control plane software for security features used in smart switching platforms and distributed firewall systems • contribute to core feature development from design through implementation, with a focus on APIs, policy orchestration, and secure service integration • work closely with engineers across control plane, data plane, and platform teams to deliver scalable capabilities that support deployment, observability, and policy enforcement across distributed environments • build and maintain APIs used for policy configuration, deployment workflows, logging, and operational visibility • integrate third-party components and internal services into Cisco security platforms • contribute to architecture discussions, feature design, and technical execution for new security capabilities

Data Security Engineer Location: Ford Island United States Job Description: Data Security Engineer The Opportunity: Architect, deploy, and configure data security solutions across various clients for DoD, IC, and civilian federal clients. Create new architectures to meet client requirements adhering to Zero Trust best practices and IC data header guidelines. Interface with key stakeholders, including agency personnel and internal delivery and engineering teams. Assist in building custom policy to ensure positive control of data across hybrid cloud environments. You Have: - 3+ years of experience designing, deploying, and configuring data security solutions - Experience with Data Security Posture Management (DSPM) tools such as Varonis or BigID - Experience with Data Loss Prevention (DLP) tools such as Forcepoint, Trellix, or Symantec - Experience with data labeling and tagging solutions such as Purview, Fortra, or Titus - Experience documenting and diagraming technical architectures - Secret clearance - HS diploma or GED Nice If You Have: - Experience working in federal, DoD, or IC agency environments - Experience managing and maintaining containerization solutions - Knowledge of federal information security policies, standards, procedures, directives, frameworks, federal security authorizations, assessment, and risk management processes for enterprise systems - Knowledge of Trusted Data Format (TDF) and Attribute Based Access Control (ABAC) - Knowledge of Virtru Data Security Platform (DSP) and Keycloak - Top Secret clearance - Bachelor's degree in an IT, Cybersecurity, or Engineering field Clearance: Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Secret clearance is required. Compensation At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen's benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page. Salary at Booz Allen is determined by various factors, including but not limited to location, the individual's particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,900.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen's total compensation package for employees. This posting will close within 90 days from the Posting Date. Identity Statement As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud. Candidate AI Usage Policy AI is a part of our daily work at Booz Allen, and we are committed to the responsible and ethical use of AI tools. However, we want to ensure a fair candidate process based on your own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) or other tools to assist with responses during interviews (whether in-person or virtual) is prohibited unless permission is explicitly provided. Work Model Our people-first culture prioritizes the benefits of collaboration, whether it occurs in person or virtually. To support engagement and effective communication, employees working virtually are generally expected to have their cameras on during meetings. - Remote: If this position is listed as remote, there may still be occasions when you are required to work in person at a Booz Allen or customer facility. - Hybrid: If this position is listed as hybrid, you will be expected to work from a Booz Allen facility frequently, in alignment with leadership expectations and the needs of the role. You may also be required to work from or visit a customer facility. - Onsite: If this position is listed as onsite, work will primarily be performed at a Booz Allen office or customer facility, where employees will collaborate directly with colleagues and customers as required by the role. Commitment to Non-Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.