Solution Security Architect

Job Description

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin's Creed, Rainbow Six, to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you're passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown!
Job Description
You will join the Security and Risk Management department as a Solution Security Architect (also referred to as Embeds) focused on Network Security topics. By integrating deeply with teams, you drive security from within, implementing protections, and accelerating remediations. You will contribute to the reduction of risks by embedding within the Network IT teams, while working with the rest of the organization.

Key Responsibilities
• Lead remediation of critical vulnerabilities within the assigned scope, including post-incident actions.
• Implement security measures on behalf of network infrastructure teams
• Roll out major security initiatives across the mandate scope.
• Provide expert security recommendations tailored to our systems and context.
• Build and maintain security configuration templates and hardening standards.
• Prototype and validate new security improvements or solutions.
• Ensure proper documentation of all implemented security controls and measures.
• Contribute to a corpus of best-practices, knowledge bases, and guidelines to push security left and foster self-service
Qualifications
• Expertise in network security across L2–L4, including routing, ACLs, VPNs, segmentation, LAN/WAN architectures (e.g., Cisco), and data center–grade firewalls and load balancers.
• Strong mastery of cloud network security for AWS and Azure, including VPC/VNet design, peering, security groups/NSGs, firewalls, hybrid connectivity, and policy enforcement (e.g., Calico).
• Proficiency in Linux system security, including nftables/iptables, hardening, logging, and securing services such as DNS, IDS, PowerDNS, and Suricata.
• Skilled in automation through Infrastructure as Code (e.g., Terraform, Ansible) and scripting/programming in Python, Go, or Bash for tooling and workflows.
• Knowledge of advanced networking and security concepts such as DNSSEC, PKI, TLS, reverse proxies, NAC solutions (e.g., Cisco ISE), 802.1X, and device posture management.
• Familiarity with cloud‑native and container security, including Kubernetes networking, CNI/Calico, zero‑trust architectures, and operational practices such as SIEM usage and root cause analysis.

Jobcode: Reference SBJ-232on6-216-73-216-105-42 in your application.