Under Armour, Inc. Cyber Risk Analyst in Baltimore, Maryland
Cyber Risk Analyst
110490 Baltimore, Maryland
Save JobRemove Job
View Saved Jobs
Under Armour is all about performance. Because what we make empowers athletes in every form to push themselves, to turn good into great, and to stay hungry for whatever comes next. And this is exactly what we expect from each other.
Working with us means one key thing: no matter what you do, you see every day and every project as a chance to push your field forward. In every store and every office, we build teams where everyone is an MVP. And together we tackle every challenge head on. Because we work to push the gear, the game, and ourselves farther.
We’re looking for people who do more than good work.
We’re looking for the Best in Every Game.
Under Armour is the chosen brand of this generation of athletes... and the athletes of tomorrow. We're about performance - in training and on game day, in blistering heat and bitter cold. Whatever the conditions, whatever the sport, Under Armour delivers the advantage athletes have come to demand.
That demand has created an environment of growth. An environment where building a great team is vital. An environment where doing whatever it takes is the baseline and going above and beyond to protect the Brand is commonplace.
The world's hungriest athletes live by a code, a pledge to themselves and everyone else: Protect This House... I Will. Our goal is to Build A Great Team! Will YOU…Protect This House?!
Under Armour is looking for a Cyber Risk Analyst to help Protect This House. This individual will work in the growing Global Information and Cyber Security team in helping expand the cyber risk department.
The main objective is to perform risk identification, assessments, control monitoring, and variance reporting. This individual will ensure the security’s teams eyes are on the prize and focused.
The scope is global, and includes vendor, project, systems, networks, digital space, and architectures.
ESSENTIAL DUTIES & RESPONSIBILITIES:
Protect What Matters: Assist in identifying information assets, business processes, systems, and architectures which are important to the organization.
General Risk Assessments: Complete risk assessments of information assets, business processes, systems, and architectures to ensure the adequate controls are met in a continuous lifecycle; assist Cyber Security team in meeting maturity benchmarks as determined by leadership.
Third Party Risk Management: Perform third party risk assessments and develop guidance that addresses gaps; and assist with adherence to vendor management, risk, and information security policies, standards, and procedures.
Privacy / Security Assessments: Perform assessments in coordination with Under Armour’s privacy department to ensure adequate controls are being met.
Cyber Security Architecture: Be an active participant in project requirements and design phases to ensure cyber security controls are built in based on classification of data being used.
Communication: Ability to effectively communicate risks via verbal, scorecards, profiles, and other methods to information security teammates and leadership.
Knowledge of cyber and risk management concepts, including:
Understanding how cyber impacts business objectives
Network, software, infrastructure, cloud architectures
Ability to understand business and technical risk implications
Knowledge of cyber threat vectors, both generally and sector-specific
Knowledge of current cyber threat trends and approaches
Competent in industry standards & regulations such as:
NIST Special Publication 800-53 (rev. 4, and draft rev. 5)
NIST Cyber Security Framework
Factor Analysis of Information Risk (FAIR)
International security & privacy regulations in regions such as in LATAM, APAC, EU (GDPR)
5 years experience in the cyber security community
Experience in other IT domains a plus i.e. network, system administration, cloud infrastructures, etc.
Experience in cyber risk management
Experience in information governance
Knowledge of a GRC tool (preferable ServiceNow)
3 years experience in cyber risk and able to obtain a CISSP or other industry certification within one year
At Under Armour, we are committed to providing an environment of mutual respect where equal employment opportunities are available to all applicants and teammates without regard to race, color, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), national origin, age, physical and mental disability, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by applicable law. Under Armour believes that diversity and inclusion among our teammates is critical to our success as a global company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.