IT Engineer - Netsec

ULTA Salon Cosmetics & Fragrance   •  

Bolingbrook, IL

Industry: Retail & Consumer Goods


Less than 5 years

Posted 178 days ago

This job is no longer available.


Bolingbrook, IL, USA
1000 Remington Blvd

  • Share:


Ulta Beauty is the largest specialty beauty retailer in the United States and the place for the true beauty enthusiast who gets butterflies as she shops for beauty and experiments throughout our store. We are the only one to provide our guests prestige, mass and salon products and services under one roof – All Things Beauty, All in One Place™. We put our guests at the center of all we do, committing to offer her unrivaled ways to be beautiful in an environment that provides the thrill of exploration and delight of discovery.


The IT Engineer - NetSec will be primarily responsible for configuring, managing, implementing and supporting the LAN, WAN, and WLAN networks for UTLA’s corporate, distribution, and retail store business. This position is also accountable for supporting security-related aspects of both IT applications and infrastructure to ensure ULTA’s IT environment is protected against internal and external threats and in compliance with the Sarbanes Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS) and all applicable state and federal privacy laws and regulations. Additional responsibilities include developing technology standards and procedures, collaborating on architectural direction, and assisting Sr. level engineers with designing solutions that meet the needs of a rapidly evolving business 


  • Availability Management: Provides advice, assistance and leadership associated with the planning, design and improvement of service and component availability, including the investigation and remediation of all SLA breaches. Plans arrangements for disaster recovery together with supporting processes and manages the testing of such plans.
  • Incident Management: Undertakes the identification, registration and categorization of incidents. Gathers information to enable incident resolution and promptly escalates incidents as appropriate. Maintains records and advises relevant persons of actions taken.
  • Information Security: Contributes advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Assesses and acts on vulnerability information and undertakes security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Contributes todevelopment of information security policy, standards and guidelines.
  • Systems Installation and Decommissioning: Undertakes routine installations and de-installations of items of hardware and/or software. Takes action to ensure targets are met within established safety and quality procedures, including, where appropriate, handover to the client. Conducts tests of hardware and/or software using supplied test procedures and diagnostic tools. Corrects malfunctions, calling on other experienced colleagues and external resources if required. Documents details of all hardware/software items that have been installed and removed so that configuration management records can be updated. Develops installation procedures and standards, and schedules installation work. Provides specialist guidance and advice toless experienced colleagues to ensure best use is made of available assets, and to maintain or improve the installation service.
  • Innovation: Manages, monitors, and seeks opportunities, new methods, trends, capabilities and products to the advancement of the organization. Clearly articulates, and formally reports potential benefits from both structural and incremental change. Promotes and motivates colleagues to share creative ideas and learn from failures.
  • Research: Within given research goals, reviews and contributes to appropriate outline ideas for research, i.e. evaluation, development, demonstration and implementation. Leverages resources to gain an up-to-dateknowledge of any relevant field. Reports on work carried out and may contribute sections of material of publication quality.
  • Service Acceptance: Engages with technical design, service owners, and/or PMO to ensure correct products are produced, in a timely fashion. Assesses the quality of project outputs against agreed service acceptance criteria.




  • Bachelor’s degree in Computer Science, a related field, or applicable work experience
  • 3+ years’ experience in routing, core switching, Firewalls, VLAN, VPN, WLAN, TCP/IP, DNS, DHCP, monitoring tools, network topologies, Cisco and Palo Alto network components
  • 3+ years’ experience in F5 BigIP load balancing
  • Cisco Certified Network Associate (CCNA – Route/Switch and/or Security)
  • Proficient in the following protocols and technologies: EIGRP, OSFP, BGP, MPLS, STP, HSRP, VRRP and VPN
  • Working knowledge of Network access methods including T1, DS3, OC3, Ethernet, Wireless (WLC and Meraki)
  • Experience with IDS/IPS and NAC technologies
  • Proven experience and ability to manage problem resolutions of complex or intermittent issues in a multi-vendor, integrated enterprise environment
  • Experience with network/security monitoring and performance analysis monitoring tools, and a history of using them for performance tuning and troubleshooting
  • Demonstrates poise and professionalism while working under pressure
  • Strong communications (written and verbal), customer focus skills required
  • Extremely self-motivated and directed, with keen attention to detail
  • Proven track record of successfully creating process documentation and knowledge transfer
  • History of balancing multiple priorities simultaneously with the ability to adapt to the changing needs of the business while meeting deadlines
  • Off-Hours support including periodic (rotational) on-call required
  • Minimal travel required

Preferred Qualifications:

  • Cisco Certified Network Professional (CCNP) or Cisco Certified Design Associate (CCDA)
  • IT Security certification preferred (CISSP, CCNP Security, CCNA CyberOps, CISA, SANS etc.)
  • Cisco ACI experience
  • DNS/DHCP/IP Address Management tools (Infoblox).
  • Scripting skills with Python, Puppet, Ansible or Chef.