Vulnerability Technical Program Manager M - W - Nb H/F
- SAINT-MANDE, 94160
il y a 65 jours
- Cette annonce est désactivée, il n'est donc plus possible d'y postuler.
Informations complémentaires :
Description de l'entreprise :
Ubisoft's 20, 000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players' lives with original and memorable gaming experiences. Their commitment and talent have brought to life many acclaimed franchises such as Assassin's Creed, Far Cry, Watch Dogs, Just Dance, Rainbow Six, and many more to come.
Ubisoft is an equal opportunity employer that believes diverse backgrounds and perspectives are key to creating worlds where both players and teams can thrive and express themselves.
If you are excited about solving game-changing challenges, cutting edge technologies and pushing the boundaries of entertainment, we invite you to join our journey and help us create the unknown.
Description du poste :
As a Vulnerability Management Technical Program Manager you will support the day-to-day vulnerability mitigation activities as well as efforts to implement best practice methods, processes, tools and drive continuous improvement initiatives at Ubisoft. You will BE joining Ubisoft within the Security & Risk Management Team - SRM, which is a global team across Europe, Asia and the Americas. SRM's scope covers different spheres of security from our games, to securing our cloud environments to making sure are employees use our technological environments safely.
More precisely, in this role, you'll act as the main point of contact and facilitator for vulnerability management within Ubisoft's SRM group. Acting as a bridge between SRM and Ubisoft as a whole, you'll need to present insightful results in simple, yet, effective business terms. As part of your mission, you will follow up on security assessments, coordinate security patching, assist vulnerability management, help minimize attack surface area, and recommend corrective actions.
As part of this team, topics you will work on will include cloud environments, network architecture, security audits, developing policies and security patch management. We don't expect you to know all this, but you'll BE able to ramp up on these technologies as well as many others.
Join us and empower SRM to remain a world-class reference for the entire gaming industry !
Your role :
In partnership with business teams, IT and Uplay team, the Technical Project Manager will work closely with product owners, development, design, and testing team to deliver websites and interfaces for the Ubisoft's subscription service and provide engaging experience to the players around the world. The Technical project manager's role is to manage the development, scoping, growth, roadmap, tracking and communication across various stakeholders. The technical Project Manager will ensure that the Subscription program objectives are achieved through successfully executing and tracking agreed initiatives in coordination with IT and Business teams.
Your mission will BE as below :
- Manage the end-to-end workflow for handling and responding to vulnerability reports, from Red/Blue Teams and scanning technologies while working with IT engineering and gaming studio organizations.
- Collaborates with infrastructure and application owners on security hot-fixes or patch management validation.
- Generate remediation action plans and corresponding tickets for system and application owners to remediate identified flaws.
- Collaborate with system and application owners through the remediation lifecycle.
- Develop periodic reports on the discovery and closure of vulnerabilities to maintain stakeholder accountability.
- Supports the cyber incident response team in specified vulnerability discovery and identification tasks during crisis management.
- Assist in documenting standard operating procedures.
- Stays abreast of current and emerging Vulnerability intelligence to communicate and prioritize risk to internal stakeholders.
- Serve as the authority for the platform and metrics reporting.
- Lead the management and maintenance of patch management platforms/tools, including troubleshooting.
- A 1st significative experience leading large enterprise security remediation activities.
- Familiarity with security standards and fundamentals such as OWASP Top 10, CVSS, CVE.
- Demonstrated experience, certifications and education in Cyber Security, auditing and/or consulting.
- Ability to interact with representatives from different sectors and communicate technical and business concepts to all types of audiences through different ways - presentations, documentation, communication.
- The ability to qualify risks factors in a large enterprise with thousands of servers, new technologies and a diverse ecosystem while understanding the business context.
- Experience in DevSecOps, Blue/Red Teaming would BE an asset.
- Ability to make decisions quickly in a constantly changing environment and demonstrate a capacity for innovation.