VP, Security & Risk Management (W/M/NB)

Posted Mar 5

Company Description

Ubisoft’s 20,000 team members, working across more than 30 countries around the world, are bound by a common mission to enrich players’ lives with original and memorable gaming experiences. Their dedication and talent have brought to life many acclaimed franchises such as Assassin’s Creed, Far Cry, Watch Dogs, Just Dance, Rainbow Six, and many more to come. Ubisoft is an equal opportunity employer that believes diverse backgrounds and perspectives are key to creating worlds where both players and teams can thrive and express themselves. If you are excited about solving game-changing challenges, cutting edge technologies and pushing the boundaries of entertainment, we invite you to join our journey and help us create the unknown.

  • Location: East Coast NCSA or Europe
  • Duration of work: Full-time
  • Remote or on-site: Flexible Working Organization: To be discussed
  • Language: English required, French and other languages a bonus 

Job Description

The Vice President of Security and Risk Management is a senior business executive function responsible for leading the security and risk management function across a large game development organization, managing multiple diverse stakeholders. The individual will develop and implement a comprehensive security and risk management strategy and lead the development and maintenance of enterprise security architecture and solutions architecture. 

Key responsibilities include overseeing security systems and infrastructure, driving incident response with their teams, staying current on security trends, working with senior leadership, promoting security awareness, demonstrating strong leadership when required, interfacing with management, building external networks, managing and developing a large security team, and using their network to unblock security teams when needed. 

It's important to note that while the role is primarily a business executive function, experience with the hands-on technical aspects of security is helpful to ensure a connection with the technical staff and an understanding of the reality on the ground. This will help the VP to make informed decisions and provide effective guidance to the technical team. 

The individual should have a minimum of 10 years of experience in security and risk management, with at least 5 years in a leadership role, strong understanding of security and risk management best practices, experience with incident response and investigations, and expertise in crisis management with practical experience in mobilizing teams to respond to major incidents and problems with unknown solutions. 

A well-rounded individual with good chemistry with the executive team, with strong leadership, communication, relationship and stakeholder management skills are essential for success in this role. 

The role reports to the CIO. 

Key Responsibilities

  • Demonstrate strong leadership skills and ability to communicate effectively with staff at all levels 
  • Develop and implement a comprehensive security and risk management strategy 
  • Oversee the implementation and maintenance of security systems and infrastructure 
  • Drive incident response and lead investigations into security breaches or potential threats 
  • Stay current on security and risk management trends and regulations and ensure compliance 
  • Work with the senior leadership team to identify and manage potential risks to the organization 
  • Drive the implementation of DevSecOps and security operations processes 
  • Drive the Ethical Hacking team in revealing security gaps before they're exploited 
  • Oversee the Security Operations Center (SOC) and Vulnerability Management 
  • Ensure the collection and analysis of Threat Intelligence on potential threats 
  • Promote security awareness and education across the organization 
  • Interface with management and handle sensitive messaging and politics, manage the budget 
  • Build and maintain external networks and relationships with key members of the security industry 
  • Protect the security teams from overwork and burnout 

Qualifications

Experience and Characteristics

  • Strong understanding of security and risk management best practices and regulations 
  • Minimum of 10 years of experience in security and risk management 
  • At least 5 years in a leadership role 
  • A track record of success recognized by others in previous efforts 
  • A skillful ability to coach and increase the leadership caliber of the middle managers 
  • Familiarity of the gaming industry and its unique challenges is a major plus 
  • The ability to influence to win/win outcomes in the face of conflicting incentives 
  • Expert delegation and follow-up capabilities with successful outcomes 
  • Experience with incident response and investigations 
  • A curious, continuous learner with the ability to adapt to change 
  • Strong leadership and communication skills 
  • Experience in crisis management 

Additional Information

Ubisoft's perks (for a French-based role)

💰 Profit Sharing, yearly company saving plan. 25 paid time off + 12 additional paid days off. 50% of your Navigo pass is paid by the company, lunch vouchers (9€/day), healthcare for you and your family, and lots of Ubisoft additional perks.

👶 Maternity leaves of 20 weeks, paternity/co-parental leaves of 7 weeks.

📍 Our brand new office is located in Saint-Mandé, (Metro line 1, Saint Mandé station). Gym available in the building. Ability to work remotely.

Recruitment process

You will start with a phone or visio call with a Tech Recruiter, followed by a series of interviews with the Ubisoft IT leadership team.

Additional Information

Ubisoft offers the same job opportunities to all, without any distinction of gender, ethnicity, religion, sexual orientation, social status, disability, or age. Ubisoft ensures the development of an inclusive work environment which mirrors the diversity of our gamers’ community.

The job reports to Ubisoft IT. 

Check out this guide to help you with your application, and learn about our actions to encourage more diversity and inclusion.