Security Team Lead - Compliance (W/ M/ NB)

enduring games

Job Summary

Working within Security & Risk Management, the applicant will specialize in governance, risk management, and regulatory compliance to lead our European security compliance program. This role is responsible for ensuring our organization maintains a robust security posture and adherence to EU regulations including NIS2 and GDPR, and international frameworks such as NIST. The Security Team Lead will design, implement, and maintain cybersecurity governance frameworks, oversee compliance with the NIS2 Directive, manage security compliance for data processing, and develop security policies. The role also involves conducting risk assessments, leading a team, coordinating audits, and collaborating with cross-functional teams.

Must Have

  • Lead the design, implementation, and maintenance of cybersecurity governance frameworks aligned with EU regulations and international standards.
  • Oversee compliance with NIS2 Directive requirements, including incident reporting obligations and risk management measures.
  • Oversee security compliance for all security-related data processing activities, including DPIAs and records of processing.
  • Develop and maintain security policies, standards, procedures, and guidelines aligned with regulatory requirements.
  • Conduct regular security risk assessments and gap analyses against applicable frameworks and regulations.
  • Lead and mentor a team of security compliance professionals, fostering professional development.
  • Coordinate external audits and regulatory assessments, serving as the primary SRM liaison.
  • Collaborate with cross-functional teams including Legal, Privacy, IT, and Business Units.
  • Experience in information security governance, risk, and compliance (GRC).
  • Experience leading and managing compliance initiatives and supporting regulatory audits.
  • Experience working with and rolling out security and compliance frameworks in multinational or complex environments.
  • Solid understanding of EU cybersecurity regulations, including NIS2 and GDPR.
  • Ability to clearly communicate compliance requirements to technical and non-technical audiences.
  • Deep knowledge of NIST Cybersecurity Framework, ISO/IEC 2700, ISO/IEC 27002.
  • Bilingual (French–English).

Perks & Benefits

  • Profit Sharing
  • Yearly Company Saving Plan
  • 25 days of paid time off + 12 additional paid days off
  • 50% of your Navigo pass is paid by the company
  • Lunch vouchers (9€/day)
  • Healthcare for you and your family
  • Ubisoft additional perks
  • Maternity leave of 20 weeks
  • Paternity/co-parental leave of 7 weeks
  • Gym available in the building
  • Hybrid work model

Job Description

Company Description

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin’s Creed, Rainbow Six to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you’re passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown!

Job Description

Working within Security & Risk Management, the applicant will specialize in governance, risk management, and regulatory compliance to lead our European security compliance program. This role is responsible for ensuring our organization maintains a robust security posture and adherence to EU regulations including NIS2 and GDPR, and international frameworks such as NIST.

Responsibilities:

The main and routine tasks of this position are to:

  • Lead the design, implementation, and maintenance of cybersecurity governance frameworks aligned with EU regulations (NIS2, GDPR, CRA) and international standards (NIST CSF, ISO 27001).
  • Oversee compliance with the NIS2 Directive requirements, including incident reporting obligations, risk management measures, and supply chain security.
  • Oversee security compliance for all security-related data processing activities, including data protection impact assessments (DPIAs) and records of processing activities.
  • Develop and maintain security policies, standards, procedures, and guidelines that align with regulatory requirements and business objectives.
  • Conduct regular security risk assessments and gap analyses against applicable frameworks and regulations.
  • Lead and mentor a team of security compliance professionals, fostering professional development and technical expertise.
  • Coordinate external audits and regulatory assessments, serving as the primary SRM liaison with auditors and regulatory bodies.
  • Collaborate with cross-functional teams including Legal, Privacy, IT, and Business Units to embed security and compliance requirements.
  • Ensure team alignment to the departmental vision and strategy. Follow and measure the performance and the skills of team members.

Qualifications

Key Experience

  • Experience in information security governance, risk, and compliance (GRC)
  • Experience leading and managing compliance initiatives and supporting regulatory audits
  • Experience working with and rolling out security and compliance frameworks in multinational or complex environments
  • Solid understanding of EU cybersecurity regulations, including NIS2 and GDPR
  • Ability to clearly communicate compliance requirements to technical and non-technical audiences

Core Skills

  • Strong analytical and critical-thinking abilities
  • Comfortable setting priorities and organizing work effectively
  • Ability to develop risk treatment plans and guide remediation activities
  • Clear and structured writing for policies and documentation
  • Supportive leadership style and ability to influence across teams

Knowledge

  • Deep knowledge of major security frameworks: NIST Cybersecurity Framework, ISO/IEC 2700, ISO/IEC 27002
  • Familiarity with CIS Controls and industry-specific standards
  • Understanding of security architecture principles and technical controls
  • General IT understanding
  • Bilingual (French–English)

Additional Information

Ubisoft's perks

💰 Profit Sharing, Yearly Company Saving Plan. 25 days of paid time off + 12 additional paid days off.

🎁 50% of your Navigo pass is paid by the company, lunch vouchers (9€/day), healthcare for you and your family, and lots of Ubisoft additional perks.

👶 Maternity leave of 20 weeks, paternity/co-parental leave of 7 weeks.

📍 Our brand-new office is located in Saint Mandé (Metro line 1, Saint Mandé station). Gym available in the building.

💻 We embrace a hybrid work model helping you stay connected with your team and aligned with business priorities, while giving you the opportunity to maintain your work-life balance.

Recruitment process

  • [45 min; remote] – First conversation with a Talent Acquisition Specialist
  • [60 min; remote] – Interview with Manager/Key Stakeholder
  • [60 min; onsite] – Interview with a Key Stakeholder

Skills and competencies show up in different forms and can be based on different experiences, which is why we strongly encourage you to apply even though you may not have all the requirements listed above.

Ubisoft offers the same job opportunities to all, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability, or age. Ubisoft ensures the development of an inclusive work environment which mirrors the diversity of our gamers’ community.

Check out this guide to help you with your application, and learn about our actions to encourage more diversity and inclusion.
