SOC Manager, Hybrid

OVERVIEW

Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability-and is recognized that way. We've been defined as a "mature start-up." A place where interdepartmental exposure, open doors, and genuine collaboration is ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.

We're engineering for the future of retail, and it's no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip smart colleagues who will press you daily for your very best, you'll find that virtually nothing's impossible at Ulta Beauty.

• Project Management: Defines, documents, and carries out small projects. Carries out project approach with stakeholders, and prepares realistic plans (including quality, risk and communications plans) and documents activities against the project schedule, liaising with stakeholders as appropriate.

• Information security

• Develops and communicates corporate information security policy, standards and guidelines. Contributes to the development of organizational strategies that address information control requirements. Evaluates and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks. Manages the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions e.g. legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.

• Relationship Management: Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to.

• Problem Management

• Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Leads the development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Evaluates patterns and trends.

• Resourcing

• Develops plans to ensure that the organization has appropriately skilled resources to meet organizational objectives and commitments. Manages the effective implementation of resource planning, recruitment, selection, assessment, on-boarding and transitioning of resources. Evaluates standards, methods and tools for resource management. Ensures compliance with relevant statutory or external regulations and codes of good practice. Promotes the development of resource management policies, standards and guidelines as well as audits and assessment of resource management processes.

• Create security plans, policies, standards and training that prepares the organization to respond efficiently and effectively to cyberthreats.

• Utilize tools to monitor and research emerging threats and apply analytical understanding to identify and remediate those threats.

• Support vulnerability infrastructure scanning and remediation, triage and resolve false positives, and coordinate scanning to ensure that systems are appropriately protected.

• Work across groups to identify opportunities for improvement within the environment, both technical & operational, especially the cyber threat team to automate remediation where possible.

• Lead cyber incident response actions to ensure proper coordination, assessment, containment, mitigation, and documentation across functional and technical teams.

• Manage, mentor and develop resources in the handling of support and security activities including resolving tickets, daily health checks and monitoring.

• Coordinate staff when responding to urgent issues and findings.

• Control budgets for security operations and monitor expenses.

• Attend meetings with other managers to determine operational needs.

• Create and maintain status of issues tracked via the RSAM issues management application.

• Ensure compliance with the Sarbanes Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS) and all applicable state and federal privacy laws and regulations.

• Conduct monthly maintenance planning meetings to review the implementation of security patches.

• Participates and contributes to information security-related internal / external audits.

• Remain aware of and apply industry best practices in security techniques.

• Performs other duties as assigned

• Bachelor's degree in Computer Science, CIS, or equivalent professional experience

• 8+ years of IT experience in technology position with a broad knowledge of IT hardware and software, particularly within a SAP environment.

• 5 years' experience managing technology teams

• 5+ years experience as an IT security administration / security technician

• Knowledgeable as to IT security concepts, compliance, principles, and tools

• Ability to understand business needs; ability to establish and maintain a high level of business partner trust and confidence in ITRM's concern for end users and other stakeholders

• Ability to work in team in diverse/ multiple stakeholder environments

• Ability to follow-up, follow through and deliver timely results

• Excellent analysis/troubleshooting skills, able to solve problems efficiently

• Excellent communication skills; feels comfortable working with non-technical business partners

• Able to motivate others to drive desired results

• Strong experience in establishing business processes

• Demonstrated ability to present recommendations to senior leaders for effective decision making

• Work with production support and project consultants in an onshore / offshore model

• Proven track record of delivering high quality solutions on time and on schedule

• Flexibility of providing support during odd hours, weekends, and peak seasons

• Minimal travel required (training/conferences)

• Retail industry experience preferred

ABOUT

At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty's own private label. Ulta Beauty also offers a full-service salon in every store featuring-hair, skin, brow, and make-up services.

We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.