Why Work at Lenovo
Description and Requirements
- 分析并评估现有AI产品的安全性,识别潜在的安全威胁。
- 针对模型反转、模型逆推、模型幻觉、模型窃取和逃避攻击等风险,设计和实施防护解决方案。
- 跟踪最新的AI安全研发趋势,并不断优化安全策略。
- 遵循国家和行业的法律法规以及安全要求,并将其转化为内部安全要求和解决方案,以确保公司产品和服务符合数据安全与隐私保护法律法规。
- 开发并实施数据安全与隐私合规技术手段,如数据匿名化、差分隐私、同态加密等。
- 负责AI产品的架构设计安全要求、架构设计规范以及相应的审计方法和检查清单。
- 在数据安全与隐私保护方面为内部和外部利益相关者提供支持。
- 拥有计算机科学、信息安全或相关领域的学士学位或以上学历。
- 至少3年的AI安全工作经验。
- 深入了解模型反转、模型逆推、模型窃取和逃避攻击等风险,并能提出有效的防御措施。
- 熟悉《网络安全法》、《数据安全法》、《网络安全等级保护基本要求》、《个人信息保护法》以及《儿童个人信息网络保护规定》等法律法规。
- 具备良好的沟通能力和团队合作精神。
- 优先考虑具备熟练的英语口语表达能力和良好的英语读写能力者。
- 持有CIPT(Certified Information Privacy Technologist,认证信息隐私技术专家)、CIPM(Certified Information Privacy Manager,认证信息隐私管理师)等相关认证,或在AI安全或隐私保护方面发表过研究成果者将优先考虑。
Main responsibilities:
1. Analyze and evaluate the security of existing AI products and identify potential security threats.
2. Design and implement protection solutions for risks such as model reversal, model inversion, model hallucination, model theft and evasion attacks.
3. Follow the latest AI security research and development trends and continuously optimize security strategies.
4. Follow national and industry laws, regulations and security requirements, and convert them into internal security requirements and solutions to ensure that the company's products and services comply with data security and privacy protection laws and regulations.
5. Develop and implement data security and privacy compliance technical means, such as data anonymization, differential privacy, homomorphic encryption, etc.
6. Responsible for the architecture design security requirements, architecture design specifications and supporting audit methods and CheckLists for AI products.
7. Empower internal and external stakeholders in data security and privacy protection.
1. Bachelor's degree or above in computer science, information security or related fields.
2. At least 3 years of work experience in AI security.
3. In-depth understanding of risks such as model reversal, model inversion, model theft, and evasion attacks, and the ability to propose effective defense measures.
4. Familiar with laws and regulations such as the Cybersecurity Law, Data Security Law, Basic Requirements for Graded Protection, Personal Information Protection Law, and Regulations on the Protection of Children's Personal Information on the Internet.
5. Good communication skills and teamwork spirit.
6. Proficient English oral expression skills and good English reading and writing skills are preferred.
7. Those who hold relevant certifications such as CIPT (Certified Information Privacy Technologist), CIPM (Certified Information Privacy Manager), or have published research results on AI security or privacy protection will be given priority.