IT Security Engineer

Information Technology


The position of IT Security Engineer is responsible for analysis, development, operation, and interpretation related to information and system security policies and practices. This position requires highly technical and analytical abilities including strong network administration skills and the use of scripting languages. This position reports to the Information Security Officer.


  • Analyze and track reports of inappropriate use of technology and company/personal information, including information security incidents, and participate in the investigation and resolution of such incidents.
  • Design, deploy, and administer network and application security controls such as intrusion detection/prevention, vulnerability scanning, log reporting and correlation, web application scanning, endpoint protection, securing wireless networks, access controls and encryption capabilities.
  • Identify and define system security requirements.
  • Design system security architecture and develop detailed security designs.
  • Proactively mitigate risks to Hibbett from emerging threats by maintaining knowledge of current technology, issues and best practices related to information and systems security.
  • Plan and execute security assessments such as internal and external network penetration tests, network vulnerability scanning, website vulnerability assessments, and others. Report findings and assist with development and completion of any remediation plans necessary.
  • Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
  • Utilize IT Security tools to monitor and research potential information security issues related to the systems at Hibbett to ensure internal security controls are appropriate and operating as intended
  • Ensure Hibbett information technology policies are appropriate, achievable, and followed.
  • Participate in developing and administering appropriate sensitive information handling and storage practices.
  • Participate in the handling and resolution of cyber incidents.
  • Protect the company’s assets and financial information by ensuring the accuracy and effectiveness of internal control procedures, and informing management and/or appropriate officials of potential fraud risk.
  • After business hours on-call availability/incident response is required.
  • Other requirements may be added as needed.


Must have a Bachelors degree in Computer Science or equivalent field experience. At least 5 years of experience in network administration with 3 or more years involved in IT Security is required. Security administration experience is preferred. GSEC, Security+ or other related certifications is preferred. Must have a thorough understanding of Linux and Windows environments.


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed