This job might no longer be available.
Security Team Lead (Red Team)
4 years ago
Job Description
Summary
Part of the Security & Risk Management group, the Security Team Lead helps manage and reduce security risks on activity domains at Ubisoft (IT, HR, gaming, online services, etc.) by performing vulnerability assessments and security testing. You will provide technical security expertise to report security weaknesses and recommendations to all internal clients. In addition, the Security Team Lead is responsible for coordinating the activities of the team and ensuring it meets its objectives in terms of performance.
Responsabilities
The main responsabilities are:
- Coordinate the team’s activities in relation with the business needs of company;
- Mobilize the team around determined strategies by transmitting directives and key results;
- Ensure the delivery of reports according to the deadlines set with the projects’ stakeholders;
- Analyze security aspects of various projects via performing vulnerability assessments activities (intrusion tests with or without internal documentation, testing security measures implemented during development);
- Validation of the implementation of security recommendations with developers and project teams;
- Participate in security reviews of pre-production and production projects to evaluate potential risks to Ubisoft infrastructures;
- Provide security guidance based on potential risks from an attacker perspective;
- Assist in the creation and deployment of security tools, policies and workflows implementing industry best practices at Ubisoft.
Qualifications
Education
- Bachelors’ Degree in Computer Sciences or any related discipline;
- Security certification in ethical hacking/intrusion tests (GIAC GPEN GWAPT, CEH, or OSCP).
Relevant experience
- 3+ years in information security field or relevant experience;
- 4+ years in technical hands-on on at least one of the following topics: Microsoft security, Network security, Linux security;
- 1+ year experience managing technical resources of at least 3 people;
- Solid experience of key concepts: TCP/IP stack, routing, Web-based infrastructures, Firewalls;
- Hands-on experience on intrusion testing/vulnerability assessments methodology and standards on complex infrastructures/large networks;
- Hands-on experience on most of the following tools and concepts: SQL injection, cross-site scripting (XSS), buffer overflow, metasploit, burp suite, nessus, mbsa, privilege escalation, reverse shell, soapui, reverse-engineering, wireshark/tcpdump, wmic.
Skills
- Leadership mindset;
- Methodic and result-oriented;
- Ability to build threat models;
- Proactive;
- Autodidact;
- Adapt quickly to change.
Knowledge
- English language is required (oral/written);
- Advanced knowledge of Open Web Application Security Project (OWASP or similar technical framework);
- General knowledge of security frameworks/standards (e.g. ISO 27002, PCI compliance, NIST/DISA guides).
Additional Information
We are an equal-opportunity employer and value diversity at our company. We do not discriminate on the basis of race, ethnicity, religion, gender, sexual orientation, age or disability status.
Company Description
At Ubisoft Montreal, a preeminent developer of video games located in Montreal’s dynamic Mile-End neighbourhood since 1997, we offer a work environment unique in the industry for allowing you to build and cultivate games that are part of critically acclaimed, iconic AAA franchises of international repute.
When you join Ubi Montreal, you enter a community of passionate, extraordinary developers connected by their need to innovate, to be creative and to work with the latest technology. You’ll discover a world where employees enjoy constant career advancement, a supportive learning environment, and competitive compensation packages.
Create Your Profile — Game companies can contact you with their relevant job openings.