About the Company
e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our multi-brand portfolio includes e.l.f. Cosmetics, e.l.f. SKIN, pioneering clean beauty brand Well People, Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys, Naturium, high-performance, biocompatible, clinically-effective and accessible skin care, and our newest brand, rhode, a line of curated skincare essentials, formulated for a variety of skin types and needs with high performance ingredients, it’s a daily routine that nourishes your skin barrier over time.
In our Fiscal year 25, we had net sales of $1 Billion and our business performance has been nothing short of extraordinary with 28 consecutive quarters of net sales growth. We are the #2 mass cosmetics brand in the US and are the fastest growing mass cosmetics brand among the top 5. Our total compensation philosophy offers every full-time new hire competitive pay and benefits, bonus eligibility (200% of target over the last six fiscal years), equity, flexible time off, year-round half-day Fridays, and a hybrid 3 day in office, 2 day at home work environment. We believe the combination of our unique culture, total compensation, workplace flexibility and care for the team is unmatched across not just beauty but any industry.
Visit our Career Page to learn more about our team: https://www.elfbeauty.com/work-with-us
Position Summary
We are seeking a highly skilled Senior Information Security Engineer to lead enterprise-wide cybersecurity initiatives and strengthen our security posture across on-premises and cloud environments. This role involves designing and implementing advanced security solutions, including Zero Trust, DLP, Cloud Security, Network Segmentation, IAM, and Security Automation. The ideal candidate will collaborate with cross-functional teams to identify risks, develop mitigation strategies, ensure regulatory compliance, and proactively defend against evolving threats while safeguarding our systems, data, and infrastructure.
Must Have
- Strong Technical Security Foundation & Architecture
Deep knowledge of network, cloud, and endpoint security.
Hands-on experience with firewalls, SIEM tools (e.g., Splunk, Sentinel), EDR/XDR, IAM, and vulnerability management.
Understanding of encryption, authentication, and secure architecture design.
- Incident Response & Threat Management Skills
Ability to detect, analyze, and respond to security incidents effectively.
Skilled in log analysis, threat hunting, and forensics.
Familiarity with MITRE ATT&CK, common attack techniques, and SOC operations.
- Risk Assessment & Communication
Strong ability to assess vulnerabilities, prioritize risks, and implement mitigations.
Can translate technical findings into business impact and communicate clearly with both technical and non-technical teams.
Understanding of security frameworks and compliance standards (NIST, ISO 27001, CIS).
Responsibilities:
- Design, build, deploy, and maintain enterprise security technologies and solutions aligned with business objectives, compliance requirements, and the cybersecurity program.
- Develop, document, and enforce security policies, standards, and procedures based on frameworks such as NIST, CIS, ISO 27001, and SOX while advancing overall security maturity, governance, and processes.
- Lead strategic security initiatives, including Zero Trust architecture, Data Loss Prevention (DLP), Cloud Security, Network Segmentation, IAM, Endpoint Security modernization, and security automation.
- Manage and improve email security, DNS security, and other protective controls to defend against phishing, malware, data exfiltration, and domain-based threats.
- Lead vulnerability management programs and drive remediation efforts, providing visibility into risks and progress to stakeholders.
- Oversee incident response lifecycle—detection, analysis, containment, remediation, post-incident review—and continuously enhance disaster recovery and business continuity plans.
- Monitor and analyze security events and network activity (e.g., traffic analysis, host behavior, forensics, kill chain, Windows event analysis), tuning tools, and event correlation for accurate threat detection.
- Collaborate with IT, DevOps, and digital teams to embed security into system design, application development, deployment pipelines, and cloud infrastructure.
- Evaluate and review vendor and partner security practices to ensure alignment with organizational standards.
- Produce regular security dashboards and metrics to report on incidents, threats, and operational effectiveness.
- Lead security awareness training, mentor junior engineers, and guide cross-functional teams on secure design principles and best practices.
- Stay current on emerging threats, vulnerabilities, and technologies to enhance enterprise resilience.
Requirements:
- Bachelor’s degree in Computer Science, Cybersecurity, or related field; Master’s preferred.
- 7+ years of experience in information security engineering, architecture, or operations.
- Expertise in cloud security (AWS, Azure, GCP), data protection, IAM/SSO/MFA, email and DNS security, and secure network architecture.
- Hands-on experience with key security technologies: firewalls, VPN, NAC, EDR/MDR, IPS/IDS, SIEM, DLP, vulnerability management, and email security platforms (Proofpoint, Mimecast, Microsoft 365 Defender).
- Strong understanding of Zero Trust, endpoint protection, DevSecOps, security automation, and scripting (Python, PowerShell, Bash).
- Proven ability to lead incident response, risk assessments, threat detection, and remediation efforts.
- Experience implementing DNS protection solutions (Cisco Umbrella, Cloudflare, Infoblox, Valimail).
- Knowledge of security frameworks and compliance standards: NIST CSF, CIS Controls, ISO 27001, SOX.
- Demonstrated success in leading security awareness programs, mentoring team members, and advancing security program maturity.
- Relevant certifications preferred: CISSP, CISM, CISA, GIAC, Microsoft Security certifications, AWS Security Specialty, Azure Security Engineer Associate.
- Strong communication, leadership, and ability to manage multiple security initiatives.
$105,000 - $140,000 a year
The base salary range for this role is listed above.
Total compensation includes base salary, annual company-based performance bonus, and equity. Under e.l.f.’s annual bonus program, employees are eligible to earn up to 200% of their target bonus when company performance exceeds defined goals. In addition, e.l.f. provides a variety of other benefits to employees, including medical, dental, and vision insurance, a retirement savings plan, gender neutral parental leave, and unlimited paid time off. The amount of total compensation (including base salary) offered will be based on a wide range of factors, including geographic location, experience, specific skills, and qualifications.
Compensation components are subject to change at the company’s discretion
This job description is intended to describe the general nature and level of work being performed in this position. It also reflects the general details considered necessary to describe the principal functions of the job identified, and shall not be considered, as detailed description of all the work required inherent in the job. It is not an exhaustive list of responsibilities, and it is subject to changes and exceptions at the supervisors’ discretion.
e.l.f. Beauty respects your privacy. Please see our Job Applicant Privacy Notice (www.elfbeauty.com/us-job-applicant-privacy-notice) for how your personal information is used and shared.
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.