Security Infrastructure Team Lead
As the Lead of the Security Infrastructure team, you will be responsible for leading a team to manage, administer, and maintain core tools used in the security department at Ubisoft. These tools are used by multiple teams to protect the organization, improve security and investigate/resolve incidents at scale.
You will coordinate a team spread between Canada and France to excel at the following 3 core initiatives: Splunk SIEM, Administration Tools & Security Orchestration.
- Lead a team of system administrators and security analysts; conduct 1:1 and help develop team member career path;
- Maintain, monitor, troubleshoot and scale global security logging infrastructure (SIEM) to support both the adjacent Threat Detection and Incident Response Team;
- Ensure data is correctly formatted for Security Detection Content Development and that sufficient sources are ingested to reach investigation results by the Incident Response team;
- Manage interdepartmental relationships to troubleshoot, optimize and augment the team’s posture; Handle Vendors and be involved in the procurement process as well as proof of concepts (POCS) to ensure new tools meet your team’s standards for administration;
- Ensure compliance of deployed EDR agents, ensure they are up to date and functioning correctly, and have an approach “EDR everywhere“;
- Ensure that adjacent teams can easily set up hardened virtual machines in Private and Public Cloud;
- Leverage Hashicorp Vault across these systems for secure administration;
- Build from the ground up a process to support Incident Response and Investigation automation use cases;
- Develop automation modules that allow adjacent teams to scale in magnitude and effectiveness.
- Experience leading a remote and distributed technical team of systems administrators and/or technical security specialist;
- Extensive experience in cyber security or systems administration role from Governmental/Corporate CERT/CSIRTs or Corporate Security Blue/SOC/NOC Teams, or Enterprise Operational Monitoring (Observability);
- Experience administering a SIEM & Logging pipeline, enterprise security products such as EDR, XDR, Enterprise Scale Anti-Virus as well as security tooling, multi-cloud, virtualization and containers;
- Experience Developing Custom Software for Automation Use Cases (Language of your choice).
Just a heads up: If you require a work permit, your eligibility may depend on your education and years of relevant work experience, as required by the government.
Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above.
At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.