Lenovo ISU Cybersecurity Leader – Lenovo – Morrisville, NC
Why Work at Lenovo
Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. And we go big. No, not big—huge.
We’re a US$60 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day and together create a more inclusive, trustworthy and sustainable digital society for everyone, everywhere.
The one thing that’s missing? Well… you…
Description And Requirements
Come be a part of the next generation of Managed Services and Solutions for the Lenovo Industry Solutions Unit (ISU)! Lenovo is looking for an extraordinary Cybersecurity Leader. If you have practical and strategic experience implementing security strategies and know-how to lead and collaborate with a geographically distributed team, then let’s talk about your next career opportunity! You’ll be a member of a startup organization that acts as one team with a vision to deliver exceptional experiences for our customers.
The ISU cybersecurity leader will secure the Lenovo ISU Managed Services by determining requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
This role will work with Lenovo’s ISU R&D team, DevOps, Cloud Ops, and security teams across Lenovo to reduce risk and to “shift left” ISU’s platform architectures to a highly-secure design.
The ISU cybersecurity leader will think strategically and execute tactically on complex problems that span different IT and operational technology.
Core to the ISU mission is bringing new solution offerings to market. The ISU cybersecurity leader will assess both internally developed and third-party solutions to ensure they comply with Lenovo security requirements.
- Design and help implement cloud security architectures for all of Lenovo ISU managed service offerings
- Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues
- Drive security architecture for managed service solution designs (e.g., credential management, access provisioning, authentication and authorization, data security, network security, application security, infrastructure security, security monitoring, and operations security)
- Maintain security by overseeing and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting internal and external training programs
- Accountable for effective internal partnerships with peer Lenovo security teams to guarantee design, implementation, and compliance of the managed service
- Communicate cloud risks to both technical and non-technical audiences to ensure the appropriate solutions and recommendations are identified
- Lead the security assessment and validation of internally developed solutions that will be offered commercially to Lenovo customers.
- Manage and validate the security risk of external partner solutions and assist in onboarding and integration of those solutions including: detailed assessment of partner corporate and product security policies, practices, implementations, integrations, and use of open source software.
You will be a great fit if you have:
- BS in Computer Science, Electrical Engineering, Physics, or Mathematics and 9+ years in information technology
- 5+ years of information technology security solutions architecture experience, designing complex, multi-layered solutions in global, distributed environments
- 3+ years in cloud-based environments (AWS, GCP, Azure, etc.) including SaaS, Pass, and IaaS technologies
- One or more security certifications such as CISSP, CCSP, CSSLP, CEH, OCSP, Security+
Preferred Qualifications And Certifications
- Experience with secure SecDevOps and Secure Development Lifecycle (SDLC)
- Experience threat modeling IoT systems
- Experience with native security controls in AWS, GCP, and/or Azure
- Experience with micro-service/deployment architectures such as Docker and Kubernetes
- Experience leading secure code development and review
- Experience operating as a self-starter/solo SME working in a fast-paced, environment. Start-up experience highly desired in addition to enterprise-level roles
- Excellent communications, time management, and interpersonal skills
- Master’s Degree or equivalent preferred
- CISSP certification
- AWS, Azure or Google Cloud Certified
- Experience applying NIST and IoT Security Frameworks
- Experience with software maturity models such as BSIMM and/or Open SAMM
- Experience in deploying IoT solutions
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.
Lenovo adopted a COVID-19 Vaccination Policy for US-based employees. As a condition of employment, employees must adhere to Lenovo’s US Vaccination Policy and be fully vaccinated against COVID-19, subject to any applicable accommodations. To be fully vaccinated means individuals must receive the full series of a vaccine either approved by the FDA or WHO and listed by the CDC (e.g. two dose of the Moderna, AstraZeneca or Pfizer-BioNTech vaccines; or one dose of the Johnson & Johnson vaccine). This applies to all US-based employees, contractors and interns, regardless of work location. As a condition of employment, you must provide proof that you are fully vaccinated or follow Lenovo’s accommodation process.
- Morrisville – North Carolina – United States of America