Threat Intelligence Analyst ? Security and Risk Management team (W/M/NB)

Ubisoft's 20,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players' lives with original and memorable gaming experiences. Their dedication and talent have brought to life many acclaimed franchises such as Assassin's Creed, Far Cry, Watch Dogs, Just Dance, Rainbow Six, and many more to come.

Ubisoft is an equal opportunity employer that believes diverse backgrounds and perspectives are key to creating worlds where both players and teams can thrive and express themselves. If you are excited about solving game-changing challenges, cutting edge technologies and pushing the boundaries of entertainment, we invite you to join our journey and help us create the unknown.

Job Description

Summary
You will be joining Ubisoft within the Security & Risk Management Team ? SRM, which is a global department across Europe, Asia and the Americas, as a Cyber Threat Intelligence (CTI) Analyst you will be responsible for collecting available information about cyber threats, analyzing the information to determine actionable intelligence to inform Security Operations and disseminate that intelligence in different ways to key stakeholders. You will report directly to the Threat Intelligence Team Lead, and will collaborate with team members from Security, IT, as well as Legal, Privacy, and Communications.

The Cyber Threat Intelligence Program is under construction, and we are looking for an experienced, self-driven analyst that can operate independently and contribute to the maturation of the program. The ideal candidate will seek to improve others while continuously learning and identifying ways to enhance the team's analytical tradecraft. As, we've launched CERT-Ubisoft in 2020, you will have the opportunity also to exchange directly with other CERTs with the InterCERT & TF-CSIRT members.

Mission

Cyber Threat Intelligence Activities

• Monitor intelligences sources, identify actual and potential cyber threats to Gaming Industry but also follow APT & cybercrime groups
• Actively research emerging techniques leveraged by ATP actors, criminal enterprises, and others
• Work with other first line security teams to bring intelligence to threats and vulnerabilities.
• Produce written tactical, operational, and strategic intelligence products.
• Participate in security incident management for CTI analysis to search, enrich and document Threat actor profiles, infrastructures and TTPs used.
• Participate in inter-team discussions and workshops with Security teams related to anticipation, detection, protection, and deception
• Participate in team meetings, innovations, roadmap, sources choices, PoCs and activity as required to fulfil role.

Responsibilities

• Utilize threat intelligence to protect Ubisoft and its customers from threat actors
• Act as a Subject Matter Expert for SRM department with internal and external team,
• Design the scope of solutions based on security best practices and industry standards.
• Contribute to improvements in Ubisoft security guidelines, standards, and procedures
• Communicate effectively, guide, and support security improvements.

Qualifications

Relevant experience

To qualify for the role, you must have

• Experience in information security with Cyber Threat Intelligence, Digital Forensics, and/or Incident Response
• Outstanding written and oral communication skills
• Proven ability to translate complex information sets into actionable recommendations that can be utilized by the security teams to enhance our security posture
• A strong understanding with the intelligence cycle and collection requirements
• Experience utilizing the Diamond Threat Model, Mitre Att&ck framework or Cyber Kill Chain
• Experience collecting and analysing raw information to produce intelligence reports
• Understanding of common attack techniques such as reconnaissance, scanning, exploitation, pivoting, and persistence
• Experience tracking APTs and criminal actor groups
• French & English are required both orally and written

Skills and knowledge

Ideally, you'll also have one or more certification

• GCTI Certification/SANS FOR578
• GOSI Certification/SANS SEC487
• GCFA Certification/SANS FOR508
• Other certifications can be considered if deemed relevant

Skills and attributes for success

• Strong writing skills
• Ability to work independently
• Expert understanding of cybersecurity principles
• Ability to think abstractly
• Significant attention to detail
• A natural desire and mindset to ask questions and investigate