Security Architect
Ubisoft
Montreal, Canada
8d ago

Job Description

Ubisoft Montreal, an industry leading developer of video games, located in the heart of Montreal’s Mile-End, offers a unique environment where creativity, teamwork and cutting-

edge technology bring to life critically acclaimed video games and iconic AAA franchises.

When you join Ubi Montreal, you enter a community of passionate, extraordinary people connected by their need to innovate, to be creative and to work with the latest technology.

You’ll discover a world where employees enjoy constant career advancement, a supportive learning environment, and competitive compensation packages.

Missions :

Ubisoft is looking for an Application Security Architect to join the Security and Risk Management, Applications and Infrastructure (AIS) team.

This team has a global role, they provide technical analysis, design and implementation recommendations for defensive security across the company.

The Security Architect will :

  • Act as a key technical resource for Ubisoft internal partners, including management, regarding technical security matters related to all environments;
  • Coordinate project security in order to assist IT teams in delivering secure infrastructure solutions with security recommendations and requirements;
  • Perform technical risk assessments, threat modeling, architecture security reviews, repeatable guidance and follow-ups for projects involving public-
  • facing services, large number of users and complex architectures;
  • Ensure prevention and good management of technical, legal and human security-related risks by elaborating and proposing improvements to security policies, guidelines and standards with a global mindset, taking into consideration all Ubisoft offices;
  • Communicate efficiently while delivering security needs and validating that appropriate security measures are in place.
  • Education

  • Bachelors’ Degree in Computer Sciences or any related discipline;
  • Security certification (CISSP and / or GIAC).
  • Relevant experience

  • 2+ years in information security field or relevant experience;
  • 5+ years in technical hands-on on at least one of the following topics : Microsoft security, Network security, Linux security;
  • Requirements :

  • Strong knowledge of technical security concepts
  • Vast knowledge of complex cybersecurity topics including : secure web app design, cryptography and key material handling, authentication mechanisms such as OAUTH, SAML or OpenID, sensitive data protection, SDLC integration (fuzzing tests, static and dynamic code analysis)
  • Strong knowledge of network design and technologies (TCP / IP stack, VPNs, Firewalls, Reverse-proxies, PKI and encryption)
  • Strong knowledge of web protocols and an in-depth knowledge of Linux / Unix tools and architecture
  • Exposure to code security issues and comprehension of algorithms in order to recommend best coding practices
  • Knowledge of Risk assessment methodologies (STRIDE, NIST)
  • Particularly strong communication skills, both verbal and written
  • Maturity, judgment, mentoring, negotiation / influence skills, analytical skills
  • English language is required.
  • Other important qualifications :

  • Offensive security experience (pentesting, red teaming) is an asset
  • Fluency in AWS, Azure and / or GCE
  • Experience in programmatic automation (C#, Python, PHP, Ruby, etc)
  • Security certifications (CISSP, GIAC, CISA)
  • Strong knowledge of industry standards (ISO27002, PCI Compliance, NIST / DISA, OWASP)
  • Apply
    Apply
    My Email
    By clicking 'Continue', I agree to neuvoo's Privacy & Terms and agree to receive relevant email job alerts. (cancel anytime) See here
    Continue
    Application form