Threat Intelligence Analyst – Security and Risk Management team (W/M/NB)

COMPANY DESCRIPTION

Ubisoft is a global leader in gaming with teams across the world creating original and memorable gaming experiences, from Assassin’s Creed, Rainbow Six, to Just Dance and more. We believe diverse perspectives help both players and teams thrive. If you’re passionate about innovation and pushing entertainment boundaries, join our journey and help us create the unknown!

JOB DESCRIPTION

Summary

You will be joining Ubisoft within the Security & Risk Management Team – SRM, which is a global department across Europe, Asia and the Americas, as a Cyber Threat Intelligence (CTI) Analyst you will be responsible for collecting available information about cyber threats, analyzing the information to determine actionable intelligence to inform Security Operations and disseminate that intelligence in different ways to key stakeholders. You will report directly to the Threat Intelligence Team Lead, and will collaborate with team members from Security, IT, as well as Legal, Privacy, and Communications.

The Cyber Threat Intelligence Program is under construction, and we are looking for an experienced, self-driven analyst that can operate independently and contribute to the maturation of the program. The ideal candidate will seek to improve others while continuously learning and identifying ways to enhance the team’s analytical tradecraft. As, we’ve launched CERT-Ubisoft in 2020, you will have the opportunity also to exchange directly with other CERTs with the InterCERT & TF-CSIRT members.

Mission

Cyber Threat Intelligence Activities

• Monitor intelligences sources, identify actual and potential cyber threats to Gaming Industry but also follow APT & cybercrime groups
• Actively research emerging techniques leveraged by ATP actors, criminal enterprises, and others
• Work with other first line security teams to bring intelligence to threats and vulnerabilities
• Produce written tactical, operational, and strategic intelligence products
• Participate in security incident management for CTI analysis to search, enrich and document Threat actor profiles, infrastructures and TTPs used
• Participate in inter-team discussions and workshops with Security teams related to anticipation, detection, protection, and deception
• Participate in team meetings, innovations, roadmap, sources choices, PoCs and activity as required to fulfil role

Responsibilities

• Utilize threat intelligence to protect Ubisoft and its customers from threat actors
• Act as a Subject Matter Expert for SRM department with internal and external team
• Design the scope of solutions based on security best practices and industry standards
• Contribute to improvements in Ubisoft security guidelines, standards, and procedures
• Communicate effectively, guide, and support security improvements

QUALIFICATIONS

Relevant experience

To qualify for the role, you must have

• Experience in information security with Cyber Threat Intelligence, Digital Forensics, and/or Incident Response
• Outstanding written and oral communication skills
• Proven ability to translate complex information sets into actionable recommendations that can be utilized by the security teams to enhance our security posture
• A strong understanding with the intelligence cycle and collection requirements
• Experience utilizing the Diamond Threat Model, Mitre Att&ck framework or Cyber Kill Chain
• Experience collecting and analysing raw information to produce intelligence reports
• Understanding of common attack techniques such as reconnaissance, scanning, exploitation, pivoting, and persistence
• Experience tracking APTs and criminal actor groups
• French & English are required both orally and written

Skills and knowledge

Ideally, you’ll also have one or more certification

• GCTI Certification/SANS FOR578
• GOSI Certification/SANS SEC487
• GCFA Certification/SANS FOR508
• Other certifications can be considered if deemed relevant

Skills and attributes for success

• Strong writing skills
• Ability to work independently
• Expert understanding of cybersecurity principles
• Ability to think abstractly
• Significant attention to detail
• A natural desire and mindset to ask questions and investigate

ADDITIONAL INFORMATION

We embrace a hybrid work model helping you stay connected with your team and aligned with business priorities, while giving you the opportunity to maintain your work-life balance. Please note that some roles are fully office-based and are not eligible for hybrid working.

Recruitment process

[30 minutes] : phone call with a Recruiter

[60 minutes] : interview with a the manager of the role and a Recruiter

[60 minutes] : we will send you a case study to prepare (we give you a full week to deliver 3-5 hours of work), you will then present the business case during a one-hour long visio presentation with the manager of the role and the Director of Security Operations

Additional Information

Skills and competencies show up in different forms and can be based on different experiences, that's why we strongly encourage you to apply even though you may not have all the requirements listed above.

At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all differences.

Check out this guide

to help you with your application, and learn about our actions to encourage more diversity and inclusion.