Job Description

Company DescriptionUbisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin's Creed, Rainbow Six to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you're passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown!Job DescriptionUbisoft is looking for an Information Security Specialist to join the Security & Risk Management teams, who aim to make Ubisoft fully resilient to risks and threats as an organization and to provide a safe and secure environment that enables teams to work efficiently toward achieving their objectives.As part of GRC (Governance, Risk and Compliance) team, the role is mainly responsible for maintaining Ubisoft security policies and standards, while also contributing to Ubisoft regulatory compliance activities.Your main responsibilities will include:Assessing gaps in existing cybersecurity policies and standardsWork with security architects and subject-matter experts to:Create new cybersecurity policies and standards to be submitted for approval by executives and stakeholdersReview and recommend modifications/additions to existing policies and standardsMaintaining a document repository where all cybersecurity-related materials are published and storedEnsuring consistency between the various security policies, standards, procedures and guidelinesSupporting Ubisoft's information security compliance programParticipating to preparation efforts and response for external auditsCommunicating with internal teamsQualificationsBackgroundSignificant experience as a cybersecurity consultant or security analyst is required for this position, preferably with:A specialization in GRC (governance, risk and compliance), or at least with an interest for regulatory-related security topicsPrior experience with crafting cybersecurity policies and proceduresRequired SkillsGood understanding of IT systems and security fundamentalsKnowledge of the major European privacy and cybersecurity laws and regulations (RGPD, NIS2, CRA)Knowledge of at least one global security framework (such as ISO 27001, NIST CSF, NIST 800-53, or CIS Controls standards)Excellent written and verbal communication skillsStrong sense of formalism and great attention to detailCollaborative mindsetFluent English and FrenchNice to HavePrior experience in auditing organizational and/or technical security measuresPrior experience with a GRC toolPrior experience in designing or implementing an IAM programHolding a CISM, CISSP, or CISA or ISO27001 Implementer/Auditor certification is considered a plus.Additional InformationUbisoft's perks Profit Sharing, yearly company saving plan. 25 paid time off + 12 additional paid days off. 50% of your Navigo pass is paid by the company, lunch vouchers (9€/day), healthcare for you and your family, and lots of Ubisoft additional perks. Our office is located in Saint Mandé, (Metro line 1, Saint Mandé station). Gym available in the building.Additional Information Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above. At Ubisoft, you can come as you are. We embrace diversity in all its forms. We're committed to fostering a work environment that is inclusive and respectful of all differences. Check out this guide to help you with your application, and learn about our actions to encourage more diversity and inclusion.