Solution Security Architect Identity & Devices

Job Description

Solution Security Architect – Identity & Devices (W/M/NB)
Description de l'entreprise
• Location: Saint Mandé, France
• Duration of work: Full-time

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin's Creed, Rainbow Six to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you're passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown !
Description du poste
Job description
You will join the Security and Risk Management department as a Solution Security Architect (also referred to as Embeds) focused on Identity and Devices topics. By integrating deeply with teams, you drive security from within, implementing protections, accelerating remediations. You will contribute to the reduction of risks by embedding within the identify and devices IT teams, while working with the rest of the organization.

Key Responsibilities
• Lead the remediation of critical vulnerabilities within the assigned scope, including post-incident actions.
• Implement security measures on behalf of development or infrastructure teams within the designated perimeter.
• Roll out major security initiatives such as logging, MFA, and secret management across the mandate scope.
• Provide expert security recommendations tailored to our systems and context.
• Build and maintain security configuration templates and hardening standards.
• Prototype and validate new security improvements or solutions.
• Ensure proper documentation of all implemented security controls and measures.
• Contribute to a corpus of best-practices, knowledge bases, and guidelines to push security left and foster self-service
Qualifications
Requirements
• years of experience in infrastructure and system security
• years of experience in either Identity or Device management
• Strong expertise in identity & access (Entra ID / Azure AD) : Hybrid join, B2B/B2C, SSO, federation, Conditional Access, MFA, authentication flows (OIDC/SAML), Windows Hello. On-prem: Active Directory, GPO, PKI, SCCM, ADFS
• Expertise in device management & security: Intune, compliance, app protection, Microsoft Defender for Endpoint (MDE)
• Advanced PowerShell scripting skills
Additional Knowledge (Nice-to-Have)
• Microsoft 365: Exchange Online, Teams, SharePoint, DLP/MIP
• Networking and other systems (Linux)

Jobcode: Reference SBJ-6kbxkq-216-73-216-42-42 in your application.