Offensive Security Specialist (W/M/NB)
Offensive Security Specialist (W/M/NB)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Profile
We are seeking a skilled and motivated Offensive Security Specialist to join our cybersecurity team and strengthen Ubisofts ability to identify assess and mitigate security vulnerabilities across its diverse environments ranging from IT and corporate systems to games and online services.
You will contribute to our vulnerability management program by validating CVEs developing exploit proofsofconcept collaborating with our Red Team and supporting remediation and triage through actionable insights. Your expertise in offensive techniques will play a critical role in reducing risk exposure across the organization.
Responsibilities
- Validate the exploitation of thirdparty CVEs identified by vulnerability scanners (e.g. ).
- Triage and validate firstparty vulnerabilities discovered through responsible disclosure programs (e.g. Bug Bounty).
- Collaborate with the Red Team to build exploit chains and simulate realworld attack scenarios.
- Retest vulnerabilities identified by internal security teams to confirm remediation effectiveness.
- Contribute to the development and deployment of internal security tools and workflows aligned with industry best practices.
- Continuously research emerging offensive techniques and integrate findings into testing methodologies and tooling.
- Document validated vulnerabilities and communicate detailed findings and remediation recommendations to internal stakeholders.
Qualifications :
- Experiences in penetration testing or offensive security.
- Solid understanding of vulnerability scoring attack vectors triage and assessments in largescale complex infrastructures.
- Proficiency in identifying and exploiting common vulnerabilities:
- Web vulnerabilities (e.g. XSS IDOR CSRF)
- Serverside issues (e.g. SQLi XXE SSRF RCE)
- Authentication and access control flaws
- Ability to build or adapt CVE exploitation PoCs tailored to the Ubisoft environment.
- Familiarity with reverse engineering/debugging tools: IDA Pro Ghidra x96dbg WinDbg.
- Comfortable with network and packet analysis tools: Wireshark tcpdump Scapy.
NicetoHave
- Experience with vulnerability scanners such as Tenable or Qualys.
- Knowledge of remediation techniques and system hardening practices.
- Usage of frameworks such as OWASP MITRE ATT&CK.
- OSCP or equivalent offensive security certifications (e.g. eCPPT GPEN) preferred.
Additional Information :
Ubisofts perks
Profit Sharing yearly company saving plan. 25 paid time off 12 additional paid days off. 50% of your transportation pass is paid by the company lunch vouchers (9/day) healthcare for you and your family and lots of Ubisoft additional perks.
Maternity leaves of 20 weeks paternity/coparental leaves of 7 weeks.
Our office is located in Saint Mand (Metro line 1 Saint Mand station). Gym available in the building. According to Ubisofts hybrid work model our flexible work policy includes a minimum of 3 days a week in our SaintMand office and the remaining 2 days working from home.
Recruitment process
30 minutes : phone call with a Recruiter
60 minutes : interview with the manager of the role and a Security Manager
60 minutes : interview with the SRM Technical Director
Additional Information
Ubisoft offers the same job opportunities to all without any distinction of gender ethnicity religion sexual orientation social status disability or age. Ubisoft ensures the development of an inclusive work environment which mirrors the diversity of our gamers community.
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
