Application Security Expert
Montreal, QC, Canada
Applications have closed
Ubisoft
Welcome to the official website for Ubisoft, creator of Assassin's Creed, Just Dance, Tom Clancy's video game series, Rayman, Far Cry, Watch Dogs and many others. Learn more about our breathtaking games here!Company Description
Ubisoft’s 20,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players’ lives with original and memorable gaming experiences. Their commitment and talent have brought to life many acclaimed franchises such as Assassin’s Creed, Far Cry, Watch Dogs, Just Dance, Rainbow Six, and many more to come. Ubisoft is an equal opportunity employer that believes diverse backgrounds and perspectives are key to creating worlds where both players and teams can thrive and express themselves. If you are excited about solving game-changing challenges, cutting edge technologies and pushing the boundaries of entertainment, we invite you to join our journey and help us create the unknown.
Job Description
Joining the Security and Risk Management department as an Application Security Expert, you will oversee and participate to the implementation of security controls, and you will contribute to the management and reduction of risks by embedding into teams of a large spectrum of game productions, and critical online services. Furthermore, you will contribute to production and their services by finding and fixing security vulnerabilities, and by defining, designing, and implementing security requirements.
Responsibilities
- Act as a key technical resource for the security department embedded within production teams;
- Perform and participate to security reviews with a variety of productions and make tangible and impactful contributions to critical projects, while maintaining a collaborative and team-oriented spirit;
- Participate to the review, implementation, and deployment of security tools that will be deployed within various services and projects;
- Participate in the remediation activities of vulnerabilities found during code reviews, vulnerability scans, or penetration testing;
- Participate in developing security best practices within the project you will be embed in. Support the deployment of tools enforcing those best practices;
- Partner with Security Engineering Managers, Enterprise Security Architects, and other teams to define the proper security strategy, implement security controls and contribute to the evolution of services within critical projects.
Qualifications
- Extensive experience in application security is required;
- Experience in the development of applications in a collaborative environment would be a strong asset;
- Strong understanding of common vulnerabilities (e.g. OWASP Top 10) and practical experience in discovering and mitigating them;
- Solid experience with CI/CD processes, DevOps practices as well as experience with DevSecOps and security tool deployment would be an asset;
- Ability to encode findings in an automated tool for regression tests would be an asset;
- Pentesting abilities or experience would be an asset;
- Ability to coach your peers, and development or operational teams you will work with while being embed.
Additional Information
Just a heads up: If you require a work permit, your eligibility may depend on your education and years of relevant work experience, as required by the government.
Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above.
At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security CI/CD DevOps DevSecOps OWASP Pentesting Risk management Security strategy Strategy Vulnerabilities Vulnerability scans
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs