Application Security Expert

Montreal, QC, Canada

Applications have closed

Ubisoft

Welcome to the official website for Ubisoft, creator of Assassin's Creed, Just Dance, Tom Clancy's video game series, Rayman, Far Cry, Watch Dogs and many others. Learn more about our breathtaking games here!

View company page

Company Description

Ubisoft’s 20,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players’ lives with original and memorable gaming experiences. Their commitment and talent have brought to life many acclaimed franchises such as Assassin’s Creed, Far Cry, Watch Dogs, Just Dance, Rainbow Six, and many more to come. Ubisoft is an equal opportunity employer that believes diverse backgrounds and perspectives are key to creating worlds where both players and teams can thrive and express themselves. If you are excited about solving game-changing challenges, cutting edge technologies and pushing the boundaries of entertainment, we invite you to join our journey and help us create the unknown.

Job Description

Joining the Security and Risk Management department as an Application Security Expert, you will oversee and participate to the implementation of security controls, and you will contribute to the management and reduction of risks by embedding into teams of a large spectrum of game productions, and critical online services. Furthermore, you will contribute to production and their services by finding and fixing security vulnerabilities, and by defining, designing, and implementing security requirements.

Responsibilities

  • Act as a key technical resource for the security department embedded within production teams;
  • Perform and participate to security reviews with a variety of productions and make tangible and impactful contributions to critical projects, while maintaining a collaborative and team-oriented spirit;
  • Participate to the review, implementation, and deployment of security tools that will be deployed within various services and projects;
  • Participate in the remediation activities of vulnerabilities found during code reviews, vulnerability scans, or penetration testing;
  • Participate in developing security best practices within the project you will be embed in. Support the deployment of tools enforcing those best practices;
  • Partner with Security Engineering Managers, Enterprise Security Architects, and other teams to define the proper security strategy, implement security controls and contribute to the evolution of services within critical projects.

Qualifications

  • Extensive experience in application security is required;
  • Experience in the development of applications in a collaborative environment would be a strong asset;
  • Strong understanding of common vulnerabilities (e.g. OWASP Top 10) and practical experience in discovering and mitigating them;
  • Solid experience with CI/CD processes, DevOps practices as well as experience with DevSecOps and security tool deployment would be an asset;
  • Ability to encode findings in an automated tool for regression tests would be an asset;
  • Pentesting abilities or experience would be an asset;
  • Ability to coach your peers, and development or operational teams you will work with while being embed.

Additional Information

Just a heads up: If you require a work permit, your eligibility may depend on your education and years of relevant work experience, as required by the government.

Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above.

At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security CI/CD DevOps DevSecOps OWASP Pentesting Risk management Security strategy Strategy Vulnerabilities Vulnerability scans

Region: North America
Country: Canada
Job stats:  18  4  0
Category: AppSec Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.