Solution Security Architect (W/M/NB)

You will join Ubisoft's Security and Risk Management department as a Solution Security Architect, also referred to as an Embed, with a focus on Identity and Devices. This role involves deeply integrating with IT teams to drive security from within, implementing robust protections, and accelerating remediations. You will contribute significantly to reducing risks by embedding within identity and device IT teams, while also collaborating with the broader organization. We are specifically looking for senior sysadmin or infrastructure engineers eager to pivot into gaining cloud expertise and exposure to security tooling.

Must Have

• Lead remediation of critical vulnerabilities within assigned scope.
• Implement security measures on behalf of development or infrastructure teams.
• Roll out major security initiatives such as logging, MFA, and secret management.
• Provide expert security recommendations tailored to our systems and context.
• Build and maintain security configuration templates and hardening standards.
• Prototype and validate new security improvements or solutions.
• Ensure proper documentation of all implemented security controls and measures.
• Contribute to a corpus of best-practices, knowledge bases, and guidelines.
• Proficiency in System Administration & Infrastructure Engineering.
• Expertise in Identity & Access Management (Entra ID, Azure AD, SSO, Federation, MFA, OIDC/SAML, Windows Hello).
• Experience with On-Premises AD Management (Active Directory, GPO, PKI, SCCM, ADFS).
• Skills in Device Management & Security (Intune, Device Compliance, App Protection, Microsoft Defender for Endpoint).
• Advanced PowerShell scripting for automation.

Good to Have

• Microsoft 365: Exchange Online, Teams, SharePoint, DLP/MIP
• Networking, Linux Administration
• Compliance Reporting: Tenable, Power BI

Perks & Benefits

• Profit Sharing
• Yearly company saving plan
• 25 paid time off + 12 additional paid days off
• 50% of transportation pass paid by the company
• Lunch vouchers (9€/day)
• Healthcare for you and your family
• Ubisoft additional perks
• Maternity leaves of 20 weeks
• Paternity/co-parental leaves of 7 weeks
• Gym available in the building
• Hybrid work model

COMPANY DESCRIPTION

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin’s Creed, Rainbow Six to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you’re passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown !

JOB DESCRIPTION

You will join the Security and Risk Management department as a Solution Security Architect (also referred to as Embeds) focused on Identity and Devices topics.

By integrating deeply with teams, you drive security from within, implementing protections, accelerating remediations. You will contribute to the reduction of risks by embedding within the identify and devices IT teams, while working with the rest of the organization.

We are looking for senior sysadmin or infrastructure engineers who is interested to pivot to gaining experience in cloud expertise AND exposure to security tooling.

Key Responsibilities

• Lead the remediation of critical vulnerabilities within the assigned scope, including post-incident actions.
• Implement security measures on behalf of development or infrastructure teams within the designated perimeter.
• Roll out major security initiatives such as logging, MFA, and secret management across the mandate scope.
• Provide expert security recommendations tailored to our systems and context.
• Build and maintain security configuration templates and hardening standards.
• Prototype and validate new security improvements or solutions.
• Ensure proper documentation of all implemented security controls and measures.
• Contribute to a corpus of best-practices, knowledge bases, and guidelines to push security left and foster self-service

QUALIFICATIONS

Requirements

• System Administration & Infrastructure Engineering
• Identity & Access Management: Entra ID / Azure AD, Hybrid Join, B2B/B2C, SSO, Federation, Conditional Access, MFA, OIDC/SAML, Windows Hello
• On-Premises AD Management: Active Directory, GPO, PKI, SCCM, ADFS
• Device Management & Security: Intune, Device Compliance, App Protection, Microsoft Defender for Endpoint (MDE)
• Automation: Advanced PowerShell scripting

Optional / Nice-to-Have Skills:

• Microsoft 365: Exchange Online, Teams, SharePoint, DLP/MIP
• Networking, Linux Administration
• Compliance Reporting: Tenable, Power BI

ADDITIONAL INFORMATION

Ubisoft's perks

💰 Profit Sharing, yearly company saving plan. 25 paid time off + 12 additional paid days off. 50% of your transportation pass is paid by the company, lunch vouchers (9€/day), healthcare for you and your family, and lots of Ubisoft additional perks.

👶 Maternity leaves of 20 weeks, paternity/co-parental leaves of 7 weeks.

📍 Our office is located in Saint Mandé, (Metro line 1, Saint Mandé station). Gym available in the building.

According to Ubisoft's hybrid work model, our flexible work policy includes a minimum of 3 days a week in our Saint-Mandé office.

Recruitment process

• [30 minutes] : Video Interview with a Recruiter
• [60 to 90 minutes] : Technical Interview : Interview with Key stakeholder
• [60 minutes] : Interview with the manager of the role

Information about Ubisoft

Ubisoft offers the same job opportunities to all, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability, or age. Ubisoft ensures the development of an inclusive work environment which mirrors the diversity of our gamers’ community.

We embrace a hybrid work model helping you stay connected with your team and aligned with business priorities, while giving you the opportunity to maintain your work-life balance. Note that some roles are fully office-based and are not eligible for hybrid work.

Check out this guide to help you with your application, and learn about our actions to encourage more diversity and inclusion.