Come join Under Armour and create software to power the future of connected fitness. We’re serious about individual growth and athlete achievement, and we’d like you to join us to build real products that will help millions of people improve their lives through better health & fitness. You will learn, grow, and play in an environment that focuses on results and delivery, all backed by one of the strongest consumer brands in history.
We're looking to add an application security architect to our DIgital Product Security team, which protects an ecosystem of over 200M athletes, fitness enthusiasts, and people pursuing a healthy lifestyle. In this role, you will build capabilities, automation, tools, and architectures that secure our suite of applications & APIs that span web, wearable devices, and mobile including MyFitnessPal, MapMyFitness, and eCommerce.
You should apply for this role if you:
Want to make a real-world impact
Are interested in growing as an engineer, as a security leader, and as a teammate
Are ready to take ownership and responsibility for your work
Are passionate about supporting athletes through health & fitness technologies
Have a solid understanding of both software security fundamentals and what it takes to build internet-scale applications.
Have found & helped fix security defects in someone else’s code, yet you remain friends
Are capable of evaluating & improving security posture throughout the SDLC
Enjoy teaching others about application security, secure coding, and privacy
Are educated in computer science/engineering degree, or have gained equivalent knowledge through work experience & self study
Have a background in software development or information security, including real-world experience with:
Web, mobile, API, amd microservices design patterns and architectures
Attack & defensive patterns within those design patterns and architectures
OWASP Top Ten, CWE, OpenSAMM, BSIMM, etc
Application penetration testing and static code analysis tools
Multiple programming languages and the ability to learn new ones
AWS including IAM, GuardDuty, Macie, S3, CloudTrail, CloudWatch, and more
Securing container-centric deployments using Docker & Kubernetes
Regulatory regimes like PCI, GDPR, HIPAA, etc.
This position is based out of Austin, TX, Baltimore, MD, or San Francisco, CA.