Deputy Chief Information Security Officer

Date: Jul 28, 2022

Location: Baltimore, MD, US, 21230

Company: Under Armour

Under Armour has one mission: to make you better. We have a commitment to innovation that lies at the heart of everything we do, not just for our athletes but also for our teammates. As a global organization, our teams around the world push boundaries and think beyond what is expected. Together our teammates are unified by our values and are grounded in our vision to inspire you with performance solutions you never knew you needed but can’t imagine living without.

Position Summary

The Deputy Chief Information Security Officer will assist the Global CISO in leading Under Armour’ s Global Cyber Security program. The ideal candidate is a thought leader, consensus builder, technologist and bridges business and technology. This executive should possess demonstrated technical expertise and notable success in leading Security Operations, Vulnerability Management, Hybrid Infrastructure Security & Incident Response management.

The duties of the Deputy CISO require building trust, face to face leadership interactions and developing business knowledge. To ensure success, the Deputy CISO is required to be in the office 1-2 days a week in one of our corporate office locations in Austin, TX, Baltimore, MD, or Portland, OR. 

Essential Duties & Responsibilities

Core Accountabilities and Ownerships:

  • Ownership and accountability for managing the Global Cyber Security Operations.
  • Identify, mitigate, and manage Revenue, Financial and Brand risks to the organization. 
  • Manage and mature components of our Global Cyber Security Operations
    • Hybrid Infrastructure security program.
    • Asset Detection & Vulnerability Management program. 
    • Incident Response and Business continuity program
    • Threat Intelligence and insider threat program 
  • Maintain continuous awareness and understanding of emerging information security threats, vulnerabilities, and control techniques. 
  • Liaise with external partners and peers to ensure that the organization maintains a strong, proactive security posture.
  • Understand the business, build trusted relationships with business and executive leadership.
  • Maintain a clear line of communication with the Global CISO on all matters relevant to risk associated with Revenue, Financial and Brand.

Cross-Functional responsibilities and ownership:

  • Understand and articulate the trade-offs required to manage the different levels of risk appetite and risk exposure across the organization. 
  • Assist GRC leadership in reviewing enterprise IT and cyber risks, assess current capabilities, prioritize security, and risk strategies.
  • Support the Application development and sustainment security teams with their mobile, eCommerce and SaaS environment needs.
  • Support the I&AM team with integrating SSO/MFA across all internal and external applications and areas that require user access controls.
  • Help develop, design, and coordinate technical projects and associated budgets.

CISO Functions:

  • Support the Global CISO as a liaison to senior executives on matters of cyber security and cyber risk, to foster the execution of cyber security as a business enabler.
  • Support the Global CISO in interacting with internal and external counsel, Audit & IT Controls teams, internal risk committees, as well as external state and federal agencies (e.g., FBI) on a routine basis.
  • Support the Global CISO with developing and maintaining the annual budget, ensuring projects are executed as planned and staying aligned with global SG&A mandates.
  • The Deputy CISO will run the Global Cyber Security function when the CISO is unavailable and must be able to function as the CISO during those times and crisis situations.

Qualifications (Knowledge, Skills & Abilities)

  • Highly engaged and Team-First leadership
  • Business enabling mindset
  • Accurate communication and presentation
  • Knowledge of industry regulations and standards
  • Cross-functional collaboration and conflict management
  • Cyber Risk assessment and risk management
  • Cyber policy and standards
  • Planning and strategic management skills.
  • Incident management and pre-planning

Education And / Or Experience

  • Minimum of 8-10 years’ experience building and leading global cyber security programs.
  • Minimum of 3-5 years leading Security Operations and Incident Response Teams
  • Excellent written and verbal communications skills with experience presenting to executives and leadership teams.
  • Technical or Business Administration (MBA) Master’s degree.

Other Requirements

  • Location: This individual must reside within commuting distance from our Portland, OR , Austin, TX or Baltimore, MD office location. 
  • Return To Work Designation: 1-2 days a week in-office, the remainder of work week remote. 
  • Travel: 5-10% of the year 
  • Licenses/Certifications: CISSP, CRISC, or CISM, certifications.


  • No Relocation Provided 

At Under Armour, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law.  Under Armour believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool. 

Learn more about Under Armour’s COVID-19 response and Teammate vaccination policies here.

Nearest Major Market: Baltimore