OVERVIEW
Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability—and is recognized that way. We’ve been defined as a “mature start-up.” A place where interdepartmental exposure, open doors, and genuine collaboration are ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.
We’re engineering for the future of retail, and it’s no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip-smart colleagues who will press you daily for your very best, you’ll find that virtually nothing’s impossible at Ulta Beauty.
THE IMPACT YOU CAN HAVE :
The IT Manager – Vulnerability Management is responsible for leading the organization’s efforts to identify, assess, and remediate vulnerabilities across IT systems, applications, and infrastructure. This role works closely with cross-functional teams—including Application Development, Infrastructure, Security Operations, and Risk Management—to ensure the company’s digital assets are protected against evolving threats and comply with all applicable regulations. Key responsibilities include developing and executing vulnerability management strategies, overseeing vulnerability scanning and assessment processes, and coordinating timely remediation activities. The manager will monitor external sources for emerging vulnerabilities, produce actionable reports for technical teams and leadership, and integrate vulnerability intelligence into security operations. The role will mentor and develop team members, foster collaboration with internal and external partners, and deliver clear, actionable briefings to leadership. The role requires strong project management skills, the ability to translate technical findings into business risk language, and a commitment to maintaining compliance with regulatory requirements (such as SOX, PCI DSS, and privacy laws).
YOU'LL ACCOMPLISH THESE GOALS BY :
- Project Management : Defines, documents, and carries out small projects. Carries out project approach with stakeholders, and prepares realistic plans (including quality, risk and communications plans) and documents activities against the project schedule, liaising with stakeholders as appropriate.
- Information Security : Develops and communicates corporate information security policy, standards and guidelines. Contributes to the development of organizational strategies that address information control requirements. Evaluates and monitors environmental and market trends and proactively assesses impact on business strategies, benefits and risks. Manages the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions, e.g. legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.
- Relationship Management : Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to.
- Problem Management : Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Leads the development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Evaluates patterns and trends.
- Resourcing : Develops plans to ensure that the organization has appropriately skilled resources to meet organizational objectives and commitments. Manages the effective implementation of resource planning, recruitment, selection, assessment, on-boarding and transitioning of resources. Evaluates standards, methods and tools for resource management. Ensures compliance with relevant statutory or external regulations and codes of good practice. Promotes the development of resource management policies, standards and guidelines as well as audits and assessment of resource management processes.
ADDITIONAL RESPONSIBILITIES :
- Create security plans, policies, standards and training that prepare the organization to respond efficiently and effectively to vulnerabilities.
- Develop, implement, and maintain the organization’s vulnerability management program, including policies, procedures, and standards for identifying, assessing, and remediating vulnerabilities across all IT assets.
- Oversee regular vulnerability scanning and assessment activities for infrastructure, applications, cloud environments, and networks; ensure timely and effective remediation of identified risks.
- Coordinate with IT, application development, infrastructure, and security operations teams to prioritize and remediate vulnerabilities based on risk and business impact.
- Monitor external sources for emerging vulnerabilities, threat actor activity, and campaigns; produce actionable intelligence and reports for technical teams and leadership.
- Lead the selection, deployment, and optimization of vulnerability management tools and platforms, ensuring comprehensive coverage and automation of detection and remediation processes.
- Track and report on vulnerability management metrics, remediation progress, and overall security posture to executive leadership; translate technical findings into business risk language.
- Ensure compliance with regulatory requirements (SOX, PCI DSS, privacy laws) and participate in internal / external audits related to vulnerability management.
- Coordinate and lead incident response actions related to vulnerabilities, including assessment, containment, mitigation, and documentation across teams.
- Support forensic investigations and vulnerability remediation, applying findings to strengthen system security and reduce exposure.
- Mentor and develop vulnerability management analysts and engineers, fostering continuous learning and professional growth.
- Automate and optimize vulnerability detection, alert triage, and remediation workflows to reduce false positives and accelerate incident resolution.
- Facilitate cross-functional collaboration with SOC, IR, engineering, and risk teams to ensure vulnerability management outcomes are actionable and aligned with business needs.
- Remain current on industry best practices, emerging threats, and new technologies in vulnerability management; continuously improve processes based on feedback and lessons learned.
- Coordinate staff when responding to urgent issues and findings.
- Control budgets for vulnerability management and monitor expenses.
- Attend meetings with other managers to determine operational needs.
- Participate in and contribute to information security-related internal / external audits.
- Remain aware of and apply industry best practices in security techniques.
- Perform other duties as assigned.
ESSENTIALS FOR SUCCESS :
- Bachelor's degree in Computer Science, CIS, or equivalent professional experience
- 8+ years of IT experience in a technology position with a broad knowledge of IT hardware and software
- 5 years’ experience managing technology teams
- 5+ years’ experience as an IT security administrator / security technician
- Knowledgeable as to IT security concepts, compliance, principles, and tools
- Ability to understand business needs; ability to establish and maintain a high level of business partner trust and confidence in ITRM’s concern for end users and other stakeholders
- Ability to work in a team in diverse / multiple stakeholder environments
- Ability to follow up, follow through and deliver timely results
- Excellent analysis / troubleshooting skills, able to solve problems efficiently
- Excellent communication skills; feels comfortable working with non-technical business partners
- Able to motivate others to drive desired results
- Strong experience in establishing business processes
- Demonstrated ability to present recommendations to senior leaders for effective decision making
- Work with production support and project consultants in an onshore / offshore model
- Proven track record of delivering high quality solutions on time and on schedule
- Flexibility to provide support during odd hours, weekends, and peak seasons
- Minimal travel required (training / conferences)
- Retail industry experience preferred
The pay range for this position is $119,300.00 - $160,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company’s bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page :
ABOUT
At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty’s own private label. Ulta Beauty also offers a full-service salon in every store featuring hair, skin, brow, and make-up services.
We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.