This job listing expired on Jul 3, 2022

COMPANY DESCRIPTION

Ubisoft is a leading creator, publisher and distributor of interactive entertainment and services, with a rich portfolio of world-renowned brands, including Assassin’s Creed, Just Dance, Tom Clancy’s video game series, Rayman, Far Cry and Watch Dogs. The teams throughout Ubisoft’s worldwide network of studios and business offices are committed to delivering original and memorable gaming experiences across all popular platforms, including consoles, mobile phones, tablets and PCs.

Created in 1996, the Ubisoft Shanghai studio is a vibrant and exciting place where our 400+ talents get opportunities to co-develop great AAA blockbuster games, create cutting-edge online games or produce fun mobile games.

JOB DESCRIPTION

The Security Analyst (Digital Forensics and Incident Response), as part of the Incident Response team within the SOC (Security Operations Center), works to resolve reports of malware, phishing, data leaks and all other identified security issues.

With your technical expertise in querying data with multiple tools, you will identify the root cause of cyber security issues, then coordinate across IT teams to resolve them. In collaboration with the Fraud and Investigation team, you will also assist with joint cyber/insider threat investigations.

Incidents assigned to you will be taken from initial report to resolution, delegating responsibilities to other IT teams where necessary and coordinating all actions with stakeholders, including management.

You’ll also provide feedback on security detections to the SOC team, assist with tuning alerts and assist with designing new detections. When time permits

Responsibilities

Acting as a central point of contact within the global incident response team, the Security Analyst will:

  • As the central point of contact globally within Ubisoft, the team is responsible for coordinating the resolution of all security incidents.
  • Query and analyze log sources in the SIEM for IOCs, attacker TTPs and evidence of suspicious behavior.
  • Aggregate logs between disparate sources and arrange them into a readable report then communicate it to stakeholders.
  • Identify security risks, find the root cause and bring risk to an acceptable level for management.
  • Develop and maintain exceptional procedural documentation.
  • Develop automated investigative dashboards which collect several key searches into a single action.
  • Create and maintain operational metrics dashboards to track, measure and identify security trends for management and other teams. Develop KPIs and actionable insights from data and dashboards created in Splunk.
  • Meet with adjacent security department teams to communicate incident trends.
  • Automate follow ups, escalations, and reminders to focus on operational goals.
  • Extract IOCs & TTPs from previous attacks and coordinate with other teams to reduce incident reoccurrence.
  • Use open source and internal information to gather knowledge on recurring threat actors.
  • Review & respond to alerts presented in security tools: SIEM, EDR/XDR, IDS etc.

For additional information, our team uses Splunk, CrowdStrike and Microsoft E5 (Defender, MCAS, E-Discovery); ideally you have experience with these tools or an equivalent.

QUALIFICATIONS

  • Moderate previous experience in a cyber security position at a medium or large business is a must (CERT, Corporate SOC, Government CSIRT).
  • Experience with one or more of: threat hunting, digital forensics, incident response and corporate investigations.
  • Knowledge of one or more of:
    • SIEMs: Query expertise (Logical operators AND, OR, NOT, Filtering, Time bounding, wildcards, regexes)
    • Endpoint AV & EDR experience: Knowledge of inspecting process trees, registry modifications & network activity
    • Digital Forensics Tools: Forensic Capture, Disk Image Analysis, Memory Analysis
  • Proven experience with dashboarding and charting skills (Timecharts, graphs, pivot tables, stats, visual style & readability)
  • Knowledge of threat actor TTPs and typical attack methods defined in MITRE ATT&CK.
  • You know where malware hides, how it evades detection, how to find it, how to remove it and how to prevent reinfection.
  • Experience in remediating large security incidents such as Data Breaches, Ransomware, Cryptocurrency Miners and insider threat activity.
  • Demonstrating motivation through your involvement in the security community - having personal projects, certifications, participation in CTFs, home security lab or keeping updated on security trends.

ADDITIONAL INFORMATION

While the team operates under a “follow the sun” coverage model and not on a 24/7 rotation or night shift basis, on rare occasions you may be called to assist with resolving major incidents outside of standard working hours.

Due to the nature of incident response, you will be working in a fast-paced environment and must be efficient at prioritizing multiple critical incidents and

Skills and competencies show up in different forms and can be based on different experiences; that's why we strongly encourage you to apply even though you may not have all the requirements listed above.

At Ubisoft, you can come as you are. We embrace diversity in all its forms. We’re committed to fostering a work environment that is inclusive and respectful of all

We offer:

We have salaries to motivate you, bonuses for your performance, medical services to keep you safe and sound, meal tickets to use wherever you want and free access to a relaxation and fitness room.

But most of all, we guarantee you’ll enjoy our atmosphere and working environment.

Come and join our team of over 1400 professionals and help us create highly appreciated interactive entertainment products!