Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world’s largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo’s continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).
This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit www.lenovo.com, and read about the latest news via our StoryHub.
Description and Requirements
The Job
- Conduct comprehensive risk and control assessments to identify, evaluate, monitor, and mitigate risks across IT systems, applications, and network operations.
- Conduct red/purple team operation and penetration testing to identify vulnerabilities and assess the effectiveness of security controls.
- Implement remediation plans based on test findings to strengthen the security posture.
- Support security teams in defining, assessing, and managing security operations through appropriate policies, procedures, and control frameworks.
- Proactively evaluate IT control processes and activities to ensure the control environment is effectively designed and functioning.
- Facilitate audit and security control reviews with internal teams and external parties, prioritizing and mitigating risks to acceptable levels.
- Enhance security measures such as threat detection, attack penetration, and mitigation based on current and emerging threats.
- Promote communication and collaboration between internal teams and external parties on risk and cybersecurity matters.
The Person
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Software Engineering, or related fields.
- 5+ years of hands-on experience in red/purple team exercises, penetration testing, and DevSecOps.
- Sound knowledge in Information Security, Business Continuity, Project Management, Application Security and industry best practices.
- Holder of one or more of the following certifications is a plus: CISSP, CISA, CISM, CISP, OSCP, CEH, CRTP, and CRT.
#LPS
Additional Locations:
Read Full Description