Role Description We are seeking an experienced Senior Business Applications Security Engineer to join our growing Corporate Technology team. This is not a maintenance role—this is an opportunity to build something from the ground up. You will take ownership of the security posture for our entire business application ecosystem, from Salesforce and Workday to niche departmental tools, transforming a fragmented, reactive approach into a centralized, proactive, and hardened security program. Your focus will be on bridging business needs with cloud-based software solutions through implementation, optimization, and vendor management. Transform business application security from an afterthought to a core competency. You will: - Build from scratch: Design and implement a comprehensive business application security program where none exists - Own the ecosystem: Take full ownership of security posture across 200+ business applications (SaaS, cloud, and on-premise) - Establish the standard: Define what "secure" means for business applications and ensure every tool meets that bar - Shift left: Embed security into procurement, integration, and lifecycle management processes - Drive change: Partner with stakeholders across IT, Engineering, Finance, HR, Sales, and Marketing to fundamentally change how the organization thinks about application security Responsibilities: - System Administration: Design and scale user access with role-based access controls (RBAC), where possible - Technical Support & Troubleshooting: Provide escalation support in debugging app access/role issues - Application Onboarding: Conduct requirements discovery and analysis with key stakeholders for new applications, particularly pertaining to login and role access protocols - Identity Lifecycle Management: Designing and implementing automations ensuring automatically granted or revoked access - Integration Management: Manage API connections and integrations between business applications in our tech stack - Process Improvements: Identify and implement automation opportunities to streamline workflows - Data & Compliance: Ensure data accuracy, integrity and compliance with security standards - Mentorship to guide junior teammates on best practices within the role Qualifications - 8+ years of experience in Application Security or related role - Professional Certifications: CISSP are a plus - Expertise in Okta, Google Workspace, Microsoft 365 - Experience with SAML and OAuth protocols, as well as SCIM - Proficiency with Okta Workflow or similar automation platforms - Excellent ability to bridge conversations between technical teams and non-technical business stakeholders - Soft skills: Change management, process improvement, stakeholder management, collaborative mindset with excellent written and verbal communication. Benefits - Competitive compensation package - Equity opportunities - Comprehensive health, dental, and vision coverage - Flexible PTO and remote work options - Learning & development resources - A high-impact role in a fast-growing, mission-driven company.

• Own the design, configuration, and ongoing improvement of endpoint protection and EDR tooling across the organization • Administer and optimize zero-trust networking and identity tooling (policy design, tuning, and operational resiliency) • Partner with IT to define and execute IAM strategy (joiner/mover/leaver, privileged access, MFA, conditional access, SSO) • Establish operational standards (runbooks, playbooks, SLAs) for corporate security tooling and support workflows • Leverage automation and AI-driven capabilities to reduce manual effort and improve detection, response speed, and consistency • Lead incident response planning, execution, and post-incident reviews; drive improvements based on lessons learned • Develop and tune detections (alerts, rules, behavioral analytics) and ensure high signal-to-noise monitoring • Own threat intelligence collection, analysis, and internal dissemination; translate intel into actionable controls • Coordinate cross-functional response efforts (IT, Engineering, HR, Legal, vendors) during security events • Perform root-cause analysis for recurring security issues and drive corrective and preventative actions • Own security training and phishing simulation programs; analyze results and improve effectiveness over time • Serve as escalation point for internal security requests and support tickets; improve user experience of security controls • Provide security guidance to teams to enable productivity while maintaining appropriate risk controls • Define, track, and report KPIs that measure control effectiveness (coverage, MTTD/MTTR, phishing resilience, patch/EDR compliance) • Communicate security posture, risks, and trends to leadership with clear recommendations and prioritized roadmaps • Identify and deliver improvements to visibility, automation, scalability, and resilience of security operations

Role Description Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability—and is recognized that way. We’ve been defined as a “mature start-up.” A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are. We’re engineering for the future of retail, and it’s no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you’ll find that virtually nothing’s impossible at Ulta Beauty. Qualifications - Bachelor’s degree in Computer Science, or related. - Five (5) years in any occupation with development or related experience. - Three (3) years development experience including scripting with Powershell, Python, YAML, WebService APIs. - Experience with Google Cloud Platform services, ensuring security and compliance data and workloads. - Experience with Cloud CSPM tools (Palo Alto Prisma Cloud) to detect, notify, and remediate security misconfigurations. - Experience integrating code scanning for vulnerabilities into CI/CD pipelines for Cloud Native deployments. - Experience with AD group structuring, Google Cloud Directory Sync (GCDS), and SAML 2 federated authentication. - Experience implementing architectural big data security patterns in a scalable and consistent manner. - Experience applying industry standard cyber security frameworks and vendor blueprints to business problems. - Experience performing enterprise security risk assessments and selecting appropriate technical controls. - Experience designing, documenting, and implementing reusable security patterns. Requirements - Employer will accept a Master’s degree in Computer Science, or related and three (3) years in any occupation with development or related experience. - Must have skills listed above. Benefits - Salary: $143,333 - $144,333 per year. - Opportunity for eligible associates to earn additional compensation pursuant to the Company’s bonus plan. - Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. - Part-time positions are eligible for dental, vision, life, and disability benefits. - For additional information concerning our benefits, visit our Benefits and Career Development page: Benefits and Career Development . Company Description At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty’s own private label. Ulta Beauty also offers a full-service salon in every store featuring—hair, skin, brow, and make-up services.

• Deploy, configure, and maintain(as L3) endpoint security solutions • Own the end-to-end vulnerability management process for endpoints • Develop and enforce endpoint hardening standards • Collaborate with the SOC and other security teams to correlate endpoint telemetry with network and cloud events for threat detection and response • Participate in the resolution of endpoint-related security incidents • Support and administer the existing Splunk deployment - ensuring stability, data source coverage, and platform reliability; drive its evolution as a Security BI platform through advanced dashboards, metrics, and reporting tailored to endpoint security and management needs