
OVERVIEW
Live the experience. From professional empowerment to continual learning opportunities. From ongoing investment in new and emerging technologies to a career of self-determination. At Ulta Beauty, our tech team is critical to our scalability - and is recognized that way. We've been defined as a "mature start-up." A place where interdepartmental exposure, open doors, and genuine collaboration are ubiquitous. Where challenges come fast and furious, requiring agility, mental dexterity, and creativity. Where our passion for better solutions drives us and is core to who we are.
We're engineering for the future of retail, and it's no-holds-barred. But for those motivated by continual change and ambiguity, by superior leadership, by whip-smart colleagues who will press you daily for your very best, you'll find that virtually nothing's impossible at Ulta Beauty.
THE IMPACT YOU CAN HAVE:
The Cybersecurity Awareness Lead is responsible for developing and executing a comprehensive security awareness and training program that empowers employees to recognize and mitigate cyber risks. This role focuses on fostering a strong security culture across the organization through engaging education campaigns, targeted training, and measurable behavior change initiatives.
The Cybersecurity Awareness Lead will design and deliver content tailored to diverse audiences, leveraging modern communication strategies, behavioral science principles, and industry best practices. They will partner with business units, HR, and IT teams to integrate security awareness into onboarding, compliance programs, and daily workflows. Additionally, the role involves monitoring program effectiveness through metrics, phishing simulations, and feedback loops, ensuring continuous improvement and alignment with organizational risk objectives.
YOU'LL ACCOMPLISH THESE GOALS BY:
Program Strategy & Development
- Design and implement a comprehensive cybersecurity awareness and training program aligned with organizational risk objectives
- Develop annual awareness plans, campaigns, and initiatives to foster a strong security culture
- Incorporate behavioral science principles to drive measurable security behavior change
Content Creation & Delivery
- Create engaging, role-based training content for employees, contractors, and third parties
- Develop multimedia materials (videos, infographics, newsletters) and interactive learning modules
- Tailor messaging for different audiences, including executives, technical teams, and general staff
Phishing Simulation & Behavioral Testing
- Plan and execute phishing simulation campaigns to measure user susceptibility
- Analyze results and provide targeted follow-up training for high-risk groups
- Continuously refine simulations based on emerging phishing tactics and threat trends
Metrics & Reporting
- Define KPIs for awareness effectiveness (e.g., phishing click rates, training completion rates)
- Produce dashboards and reports for leadership, highlighting program impact and areas for improvement
- Use data-driven insights to adjust awareness strategies and content
Stakeholder Engagement
- Partner with HR, IT, and business units to integrate security awareness into onboarding and compliance programs
- Collaborate with communications teams to ensure consistent messaging across channels
- Act as a trusted advisor to leadership on security culture initiatives
Threat Intelligence & Continuous Improvement
- Stay current on emerging cyber threats and incorporate relevant topics into awareness campaigns
- Benchmark program maturity against industry standards (e.g., NIST, SANS Security Awareness)
- Evaluate and implement new tools, platforms, and gamification techniques to enhance engagement
Governance & Compliance
- Ensure awareness programs meet regulatory and compliance requirements (e.g., ISO 27001, PCI DSS)
- Maintain documentation for audits and certifications
- Support risk management by aligning awareness initiatives with organizational policies
Incident Response Support
- Provide rapid awareness communications during security incidents or zero-day vulnerabilities
- Develop playbooks for emergency messaging and employee guidance during crises
ADDITIONAL RESPONSIBILITIES:
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood and actionable manner
- An ability to effectively influence and convince others to make appropriate changes in their priorities and behaviors for the benefit of the organization
- An ability to coordinate activities on behalf of Information Security with HR, Risk Management, and Compliance functions
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- Work across groups to identify opportunities for improvement within the environment, along with plans to capture those benefits.
- Responsible for ensuring adherence to existing processes both operationally, and in support of PCI and/or SOX audit requirements.
ESSENTIALS FOR SUCCESS:
- BA or MA in Communications, Marketing, Psychology, or a related field (or relevant experience in these areas)
- 5+ years of relevant work experience, preferably in similar roles and/or either Communications, Marketing, or related fields
- Demonstrable experience in technical training or adult education
- Excellent analysis/troubleshooting skills, able to solve problems efficiently
- Excellent communication skills; feels comfortable working with non-technical business partners
- Work with production support and project consultants in an onshore / offshore model
- Able to prioritize and execute tasks in a high-pressure environment
- Solid knowledge of industry best practices
- Knowledgeable as to IT security concepts, compliance, principles, and tools
- Ability to work in team in diverse / multiple stakeholder environments
- Ability to follow-up, follow through and deliver timely results
- Proven track record of delivering high quality solutions on time and on schedule
- Flexibility of providing support during odd hours, weekends, and peak seasons
- Off-Hours support including 24x7 on-call required
- Minimal travel required (training/conferences)
- Retail industry experience preferred
The pay range for this position is $102,900.00 - $140,000.00 / Year with the opportunity for eligible associates to earn additional compensation pursuant to the Company's bonus plan. Exact pay will be based on factors including, but not limited to relevant education, qualifications, certifications, experience, level, shift, geographic location, and business and organizational needs. Full-time positions are eligible for paid time off, health, dental, vision, life and disability benefits. Part-time positions are eligible for dental, vision, life, and disability benefits. For additional information concerning our benefits, visit our Benefits and Career Development page: https://learn.bswift.com/ulta
ABOUT
At Ulta Beauty (NASDAQ: ULTA), the possibilities are beautiful. Ulta Beauty is the largest North American beauty retailer and the premier beauty destination for cosmetics, fragrance, skin care products, hair care products and salon services. We bring possibilities to life through the power of beauty each and every day in our stores and online with more than 25,000 products from approximately 500 well-established and emerging beauty brands across all categories and price points, including Ulta Beauty's own private label. Ulta Beauty also offers a full-service salon in every store featuring hair, skin, brow, and make-up services.
We will consider for employment all qualified applicants, including those with arrest records, conviction records, or other criminal histories, in a manner consistent with the requirements of any applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, the San Francisco Fair Chance Ordinance, and the New York City Fair Chance Act.