Security Solutions Architect

Company description

Ubisoft is a world reference in video games, with teams spread across the globe creating original and memorable gaming experiences, from Assassin’s Creed to Rainbow Six and Just Dance among many others. We believe that diversity of perspectives advances both players and teams. If you are passionate about innovation and want to push the boundaries of entertainment, join our adventure and help us create the unknown!

Position description

You will join the Security and Risk Management department as a Security Solutions Architect, with a focus on network security topics. By fully integrating with teams, you will advocate security from within, implementing protections and accelerating remediations. You will contribute to risk reduction by integrating with the Network teams while collaborating with the rest of the organization.

Main responsibilities

• Lead remediation of critical vulnerabilities within your assigned scope, including post-incident actions.
• Implement security measures on behalf of network infrastructure teams.
• Deploy major security initiatives across the scope of your mandate.
• Provide expert security recommendations tailored to our systems and context.
• Design and maintain secure configuration templates and hardening standards.
• Prototype and validate new security improvements or solutions.
• Ensure appropriate documentation of all controls and security measures implemented.
• Contribute to a corpus of best practices, knowledge bases and guides to promote early integration of security (shift-left) and self-service automation.

Qualifications

• Expertise in network security across layers L2 to L4, including routing, ACLs, VPNs, segmentation, LAN/WAN architectures (e.g., Cisco), datacenter firewalls and load balancers.
• Strong command of cloud network security for AWS and Azure, including design of VPC/VNet, peering, security groups/NSG, firewalls, hybrid connectivity and policy enforcement (e.g., Calico).
• Skills in Linux system security, including nftables/iptables, hardening, logging, and securing services such as DNS, IDS, PowerDNS and Suricata.
• Proficiency in automation via Infrastructure as Code (e.g., Terraform, Ansible) and scripting/programming in Python, Go or Bash for tooling and workflows.
• Knowledge of advanced networking and security concepts such as DNSSEC, PKI, TLS, reverse proxies, NAC solutions (e.g., Cisco ISE), 802.1X and device state management.
• Familiarity with cloud-native and container security, including Kubernetes networking, CNI/Calico, zero-trust architectures and operational practices such as use of a SIEM and root cause analysis.

Additional information

We adopt a hybrid work model that helps you stay connected with your team and aligned with company priorities while allowing you to maintain work-life balance. Note that some roles are fully office-based and not eligible for hybrid work.

If you require a work permit, your eligibility may depend on your education and years of relevant work experience as required by the government.

Skills and knowledge come in many forms and can be based on relevant experience, which is why we strongly encourage you to apply even if you do not meet every requirement listed above.

At Ubisoft we encourage diversity in all its forms. We are committed to creating an inclusive and respectful working environment for all. We know it is important for interviews to be comfortable. Therefore, if you need accommodations, please let us know if we can do anything to facilitate the interview process.