
OVERVIEW
Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability—and is recognized that way. We’ve been defined as a “mature start-up.” A place where interdepartmental exposure, open doors, and genuine collaboration are ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.
We’re engineering for the future of retail, and it’s no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip-smart colleagues who will press you daily for your very best, you’ll find that virtually nothing’s impossible at Ulta Beauty.
THE IMPACT YOU CAN HAVE: The Cybersecurity Awareness Lead is responsible for developing and executing a comprehensive security awareness and training program that empowers employees to recognize and mitigate cyber risks. This role focuses on fostering a strong security culture across the organization through engaging education campaigns, targeted training, and measurable behavior change initiatives.
The Cybersecurity Awareness Lead will design and deliver content tailored to diverse audiences, leveraging modern communication strategies, behavioral science principles, and industry best practices. They will partner with business units, HR, and IT teams to integrate security awareness into onboarding, compliance programs, and daily workflows. Additionally, the role involves monitoring program effectiveness through metrics, phishing simulations, and feedback loops, ensuring continuous improvement and alignment with organizational risk objectives.
YOU'LL ACCOMPLISH THESE GOALS BY:
Program Strategy & Development
Design and implement a comprehensive cybersecurity awareness and training program aligned with organizational risk objectives
Develop annual awareness plans, campaigns, and initiatives to foster a strong security culture
Incorporate behavioral science principles to drive measurable security behavior change
Content Creation & Delivery
Create engaging, role-based training content for employees, contractors, and third parties
Develop multimedia materials (videos, infographics, newsletters) and interactive learning modules
Tailor messaging for different audiences, including executives, technical teams, and general staff
Phishing Simulation & Behavioral Testing
Plan and execute phishing simulation campaigns to measure user susceptibility
Analyze results and provide targeted follow-up training for high-risk groups
Continuously refine simulations based on emerging phishing tactics and threat trends
Metrics & Reporting
Define KPIs for awareness effectiveness (e.g., phishing click rates, training completion rates)
Produce dashboards and reports for leadership, highlighting program impact and areas for improvement
Use data-driven insights to adjust awareness strategies and content
Stakeholder Engagement
Partner with HR, IT, and business units to integrate security awareness into onboarding and compliance programs
Collaborate with communications teams to ensure consistent messaging across channels
Act as a trusted advisor to leadership on security culture initiatives
Threat Intelligence & Continuous Improvement
Stay current on emerging cyber threats and incorporate relevant topics into awareness campaigns
Benchmark program maturity against industry standards (e.g., NIST, SANS Security Awareness)
Evaluate and implement new tools, platforms, and gamification techniques to enhance engagement
Governance & Compliance
Ensure awareness programs meet regulatory and compliance requirements (e.g., ISO 27001, PCI DSS)
Maintain documentation for audits and certifications
Support risk management by aligning awareness initiatives with organizational policies
Incident Response Support
Provide rapid awareness communications during security incidents or zero-day vulnerabilities
Develop playbooks for emergency messaging and employee guidance during crises
ADDITIONAL RESPONSIBILITIES:
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner
An ability to effectively influence and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization
An ability to coordinate activities on behalf of Information Security with HR, Risk Management, and Compliance functions
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
Work across groups to identify opportunities for improvement within the environment, along with plans to capture those benefits.
Responsible for ensuring adherence to existing processes both operationally, and in support of PCI and/or SOX audit requirements.
ESSENTIALS FOR SUCCESS:
BA or MA in Communications, Marketing, Psychology, or a related field (or relevant experience in these areas)
5+ years of relevant work experience, preferably in similar roles and/or either Communications, Marketing, or related fields
Demonstrable experience in technical training or adult education
Excellent analysis/troubleshooting skills, able to solve problems efficiently
Excellent communication skills; feels comfortable working with non-technical business partners
Work with production support and project consultants in an onshore / offshore model
Able to prioritize and execute tasks in a high-pressure environment
Solid knowledge of industry best practices
Knowledgeable as to IT security concepts, compliance, principles, and tools
Ability to work in a team in diverse, multi-stakeholder environments
Ability to follow up, follow through, and deliver timely results
Proven track record of delivering high-quality solutions on time and on schedule
Flexibility to provide support during odd hours, weekends, and peak seasons
Off-Hours support including 24x7 on-call required
Minimal travel required (training/conferences)
Retail industry experience preferred
The pay range for this position is $102,900.00 - $140,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company’s bonus plan. Exact pay will be based on factors including, but not limited to, relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life, and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page: https://learn.bswift.com/ulta
ABOUT
At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty’s own private label. Ulta Beauty also offers a full-service salon in every store featuring hair, skin, brow, and make-up services.
We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.