Lead, Secure Infrastructure Data Governance

Lead, Secure Infrastructure Data Governance Values & Innovation

At Under Armour, we are committed to empowering those who strive for more, and the company's values - Act Sustainably, Celebrate the Wins, Fight on Together, Love Athletes and Stand for Equality - serve as both a roadmap for our teams and the qualities expected of every teammate.

Our Values define and unite us, the beliefs that are the red thread that connects everyone at Under Armour. Our values are rallying cries, reminding us why we're here, and fueling everything we do.

Our pursuit of better begins with innovation and with our team's mission of being the best. With us, you get the freedom to go further - no matter your role. That means developing, delivering, and selling the state‑of‑the‑art products and digital tools that make top performers even better.

The Lead of Microsoft Purview exists to establish and run an enterprise information protection and data governance capability that reduces data exposure and enables compliant collaboration across Microsoft 365 and integrated platforms. This role designs and operationalizes scalable controls—classification, labeling, retention, DLP, Insider Risk, eDiscovery, and information boundaries—by translating legal, regulatory, HR, and cybersecurity requirements into enforceable policy. The Lead drives cross‑functional governance and ensures Purview is integrated into endpoints, identity, collaboration workloads, and key SaaS systems to deliver consistent protection and measurable compliance outcomes.

• Define and execute the enterprise Purview strategy and multi‑year roadmap, aligning information governance priorities to business needs and risk posture.
• Design and maintain the enterprise data classification and labeling model (sensitivity labels, auto‑labeling where appropriate), ensuring clear handling expectations and consistent end‑user experience.
• Implement, tune, and operate Data Loss Prevention (DLP) policies across endpoints and Microsoft 365 workloads (e.g., Exchange, Teams, SharePoint/One Drive), balancing protection with productivity.
• Establish and manage retention and records governance (retention labels/policies, disposition workflows), enabling defensible compliance and lifecycle management of content.
• Build and run Insider Risk and related controls (policy design, indicator governance, escalation paths) in partnership with HR, Legal, and Cybersecurity.
• Partner with Legal and Compliance to operationalize eDiscovery processes (holds, collections, case workflows), ensuring repeatable execution and audit readiness.
• Define and enforce data boundaries and collaboration controls (information barriers / boundaries and policy guardrails) to reduce inappropriate sharing and insider risk.
• Drive platform integrations and policy extension to adjacent systems (identity, endpoint management, security tooling, and prioritized SaaS platforms), ensuring consistent enforcement and telemetry.
• Operate monitoring, reporting, and governance rhythms: dashboards/metrics, control health, policy exceptions, and executive‑ready compliance updates.
• Own operational processes and documentation (runbooks, change control, standards, training) and guide cross‑functional teams to ensure consistent adoption and execution without direct authority.
• Provide licensing/budget input and support vendor/auditor engagement as needed, ensuring the program is sustainable and scalable.

• Bachelor’s degree required.
• 8–10 years of relevant experience in information protection, data governance, security/compliance, or enterprise risk controls.
• Expert‑level capability in Microsoft Purview, including: data classification, labeling, DLP, Insider Risk, retention, eDiscovery, and information barriers/boundaries.
• Demonstrated ability to translate legal, regulatory, HR, and cybersecurity requirements into scalable enterprise policies and operational processes.
• Strong cross‑functional leadership and influence skills; ability to drive governance decisions and execution through partners (HR, Legal, Cyber, IT, Compliance) without direct reports.
• Experience operating compliance programs (control health, reporting,…