IT Lead Engineer - Access Management

OVERVIEW

Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability—and is recognized that way. We’ve been defined as a “mature start-up.” A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.

 

We’re engineering for the future of retail, and it’s no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you’ll find that virtually nothing’s impossible at Ulta Beauty.

THE IMPACT YOU CAN HAVE: 

The Ulta Beauty IT Risk Management team is looking for a Lead Identity Engineer with strong technical experience in Access Management. The individual filling this role must be an enterprise-level strategist with the ability to make long-term decisions affecting ULTA’s business environment from an IT, Access management & Compliance perspective. This position will be a lead engineer with several years’ experience in the retail IT environment and requires the ability to build relationships across all IT teams and many business teams. The lead engineer will be accountable for supporting and implementing all enterprise controls around and authentication, authorization, and privileged access across a hybrid multi-cloud environment, including documenting processes solutions for business-critical applications. 

 

YOU'LL ACCOMPLISH THESE GOALS BY: 

• Solution Architecture - Leads the development and implementation of security architectures involving complex systems, ensuring accuracy and consistency with the specified requirements agreed with both external and internal customers. Ability to effectively adapt to rapidly changing technologies and apply them to evolving business needs. 
• Privileged Access Strategy & Planning - Leads and manages the creation or review of an IT strategy around privileged access which meets the requirements of the business. Develops, communicates, implements, and reviews the processes which ensure that strategic management of IT is embedded in the organization's management and operational plans. 
• Problem Management- Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Leads the development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Evaluates patterns and trends
• Quality Management - Leads the application of appropriate quality management techniques to identify areas for improvement. Coordinates systematic remediation actions to reduce vulnerabilities and improve the quality of the systems and services, by examination of the root causes of problems. 
• Relationship Management – Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining, and working on stakeholder engagement strategies and plans.  Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to.  
• Research – Leads and identifies appropriate opportunities for publication and dissemination of research findings. Where necessary, designs data collection tools and techniques for both qualitative and quantitative data
• Business Process Improvement - Analyzes business processes; evaluates alternative solutions, assesses feasibility, and recommends innovative approaches, typically seeking to exploit technology components. Evaluates the financial, cultural, technological, organizational, and environmental factors which must be addressed in the change program. Develops business requirements for implementing significant changes in organizational mission, business functions and process, organizational roles and responsibilities, and scope or nature of service delivery.

 

 ADDITIONAL RESPONSIBILITIES:

• In-depth understanding of cloud technologies and tools, including SAML, Oauth, OIDC, Conditional Access, Authentication and Authorization
• Lead the planning, analysis, design, development, implementation, and support migration of on-premise federation services to Azure
• Partner with various IT teams, vendors, and/or business partners to ensure solutions align with best practices and meet business and audit requirements
• Provide advanced technical support for implementing, troubleshooting, and maintaining password management and radius systems
• Leads process improvement opportunities to streamline application security and contributes to developing a Role Based Access Control model.
• Works closely with the business and IT to develop cost effective, operationally support solutions that meet security requirements
• Leads Root Cause Analysis and provides guidance to implement corrective actions to address root causes (especially for complex or intermittent issues)
• Leads the initiative to document all processes surrounding identity management in a well-organized manner
• Remains aware of and applies industry best practices in security techniques
• Performs other duties as assigned

 

 

ESSENTIALS FOR SUCCESS: 

• Excellent troubleshooting skills
• Excellent command of PowerShell, and other scripting languages used for automation
• Experience with CyberArk privileged access management Preferred. Experience with CyberArk, PowerBroker, Hashi and/or other PAM solutions
• 7 years relevant hands-on experience in PAM
• Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.
• Deep experience with Linux, Windows, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of PAM services
• Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc.
• 8 years working level experience with IAM platforms such as Google Identity, Active Directory, EntraID
• Hands on experience and proficiency with Okta, Azure, GCP, and/or Cloud Technologies will be an advantage.
• Bachelor's degree in computer science, a related field, or 12 years’ work experience
• Proven ability to clearly and effectively communicate (verbal and written) both business and technical information, adjusting terminology based on the audience 
• Ability to follow-up, follow through and deliver timely results  
• Pro-active and able to drive direction of work that needs to be completed, ability to work independently on initiatives with little oversight. Motivated and willing to learn
• Strong attention to detail and advanced analytical skills
• Excellent communication and presentation skills
• Excellent organizational skills and be able to effectively prioritize multiple tasks
• Hands on experience and involvement in large and complex projects
• Participation in regular on call rotations
• Limited travel requirements, conferences / events
• Ability to provide support during off hours weekends, and peak season

 

#LI-ML1

 

The pay range for this position is $100,900.00 - $150,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company’s bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page: https://learn.bswift.com/ulta

ABOUT

At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty’s own private label. Ulta Beauty also offers a full-service salon in every store featuring—hair, skin, brow, and make-up services.

 

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.

Salary : $100,900 - $150,000