• Manager IT Security Engineering

    Academy Sports + Outdoors (Katy, TX)


    Come work at a place where we take pride in creating a workplace environment that values hard work, commitment, and growth .

     

    The Manager IT Security Engineer for Academy Sports + Outdoors is a strategic and hands-on leader responsible for overseeing the organization's security operations and engineering functions. This role manages the Security Operations Center (SOC), leads threat detection and incident response efforts, and directs the design, implementation, and optimization of security tools and infrastructure. The ideal candidate will be a collaborative leader with deep technical expertise and a passion for building scalable, resilient security programs.

    Job Description:

    Education:

    + Bachelor’s degree in Computer Science, Information Technology or similar field of study is required

    + Certified Information System Security Professional (CISSP), CISM or similar certifications required

    Work Experiences:

    + Experience with developing or implementing secure architecture and meet business needed

    + 7+ years of experience in cybersecurity, with at least 3 years in a management or leadership role

    + Proven expertise in both security operations and engineering disciplines

    + Hands-on experience with best-of-bred cyber tools, such as Sentinel One, Palo Alto, Darktrace and others

    + Strong understanding of security frameworks (NIST, MITRE ATT&CK, ISO 27001) and modern threat landscapes

    + Experience with cloud security (AWS, Azure, GCP) and hybrid environments

    + Excellent communication, leadership, and project management skills

    Skills:

    + Strong understanding of incident detection, response, forensics, and threat hunting

    + Familiarity with managing a Security Operations Center (SOC)

    + Hands-on experience with deploying and managing security tools (SIEM, EDR, IDS/IPS, DLP, NAC, VPN, firewalls, etc.)

    + Experience building secure network architectures and endpoint protection strategies

    + Automation of security processes (e.g., using SOAR platforms or scripting)

    + Proven ability to lead and mentor technical teams (engineers, analysts)

    + Resource planning and performance management

    + Ability to align security operations and engineering strategies with business goals

    + Proactive approach to evolving security challenges and threat landscapes

    + Knowledge of security frameworks and standards (NIST, ISO 27001, CIS, MITRE ATT&CK)

    + Experience supporting audits and regulatory compliance (SOX, PCI-DSS, HIPAA, GDPR)

    + Ability to make informed, high-impact decisions under pressure

    + Experience leading cross-functional security projects

    + Strong organizational and prioritization skills

    Responsibilities:

    + Oversee day-to-day operations of the Security Operations Center (SOC), including monitoring, detection, triage, response, and remediation of security incidents.

    + Develop and maintain incident response plans, playbooks, and escalation procedures.

    + Coordinate with internal stakeholders and external partners during security incidents and investigations.

    + Conduct threat intelligence analysis and threat hunting activities to stay ahead of emerging threats.

    + Lead the design, implementation, and maintenance of security technologies (e.g., SIEM, EDR, firewalls, VPN, NAC, DLP, vulnerability scanners).

    + Evaluate and deploy new security tools and automation to enhance operational efficiency and threat coverage.

    + Ensure security architecture aligns with enterprise IT and cloud infrastructure.

    + Collaborate with IT, DevOps, and cloud teams to embed security into systems and services from design to deployment.

    + Manage and mentor a team of security analysts and engineers, fostering a culture of continuous improvement and accountability.

    + Define and track key performance indicators (KPIs) and metrics for security operations and engineering performance.

    + Ensure compliance with internal policies, industry standards, and regulatory requirements (e.g., SOX, PCI-DSS, HIPAA, NIST).

    + Provide executive-level reporting on security risks, incidents, and program status.

    + Develop thorough understanding of Academy policies, procedures and safety rules

    + Duties may change; team members may be required to perform other duties as assigned

     

    Physical Requirements & Attendance

     

    + Acceptable level of hearing and vision to perform job duties.

    + Adhere to company work hours, policies, procedures and rules governing professional staff behavior.

    + 100% on campus, at this time the company does not allow remote working options.

     

    Full time

    Equal Employment Opportunity

    Academy is an Equal Opportunity Employer and does not discriminate with regard to employment opportunities or practices on the basis of race, religion, national origin, sex, age, disability, gender identity, sexual orientation, or any other category protected by law. ​