General Information

Req #
WD00003755
Career area:
Hardware Engineering
Country:
China
State:
Beijing
City:
北京(Beijing)
Date:
Tuesday, June 22, 2021
Working time:
Full-time

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. 

And we go big. No, not big—huge.

We’re not just a Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re in 180 markets, working with 63,000 brilliant colleagues and counting. And we’re known for the world’s most complete portfolio of smart technology, from devices to software to infrastructure.

With our ingenuity, we help millions—not just the select few—experience our version of a smarter future. 

The one thing that’s missing? Well… you...

Description and Requirements

About Lenovo Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that create a more inclusive, trustworthy and sustainable digital society. By designing, engineering and building the world’s most complete portfolio of smart devices and infrastructure, we are also leading an Intelligent Transformation - to create better experiences and opportunities for millions of customers around the world. Join us in defining our world of tomorrow and creating smarter technology for all! Who You’ll Work With At Lenovo, we manufacture one of the world’s widest portfolios of connected products, including PCs (ThinkPad, Yoga, Lenovo Legion), tablets, smartphones and workstations as well as augmented and virtual reality (Mirage, ThinkReality) and smart home/office solutions, software and services. Lenovo’s data center solutions (ThinkSystem, ThinkAgile) are creating the capacity and computing power for the connections that are changing business and society. What You’ll Do Lenovo’s Personal Computing and Smart Devices business unit (PCSD) is seeking a Product Security Incident Response Team (PSIRT) Vulnerability Manager to support vulnerability management activities for maintaining a high level of security in the products and services we provide to our customers. This is a new position within the Product Security Office (PSO) that will integrate with our PSIRT and work closely with customers and PCSD development teams. The successful candidate will have experience handling security incidents and/or managing vulnerabilities for technology products; be comfortable communicating with customers, development teams, and stakeholders; have a natural curiosity for exploring and understanding reported security issues; and have a solid security knowledge base to draw from. Familiarity with Lenovo client computing products such as ThinkPad, ThinkCentre, and ThinkStation is helpful.

Serve as a primary PSIRT resource for PCSD and our customers。
• Quickly become a Subject Matter Expert that knows PCSD products, technologies, and Development Product Security Leads (PSLs) Monitor, investigate, and respond to customer PCSD security reports received by the PSIRT and support PSIRT response to researcher, partner, media, etc.
• Security reports Perform hands-on investigation to confirm reported security issues or provide remediation guidance Work with PSIRT, Global Security Lab, and PCSD Product Security Leaders to move issues - whether discovered internally or reported externally - from vulnerability to resolution, ensuring data accuracy and timeliness of updates.
• Analyze security issues to identify patterns and root causes.
• Support PSIRT security advisory publication and internal PCSD advisory communication.
• Providing ongoing training and support of development teams in vulnerability response.

Basic Qualifications:

1. Bachelors in Information Security, Management Information Systems, or a related degree;
or equivalent experience 5+ years of experience in one or more areas supporting security incident response, such as application, hardware, or system security, incident handling, vulnerability management, etc.
2. Preferred Qualifications Experience in vulnerability analysis, investigation, management, and triage。
3. Experience in products security incident response (PSIRT) Technical knowledge to support hands-on investigation, such as familiarity with network protocols, Linux, and security tools such Nessus, Nmap, and testssl Familiarity with best practices and standards for incident response and vulnerability management, such as the FIRST PSIRT Services Framework, ISO/IEC 27035, ISO/IEC 29147, ISO/IEC 30111, and NIST SP800-61 Familiarity with cybersecurity threats, countermeasures, and issues Team player and a self-starter Critical thinking, analytical ability, and problem solving.
4. Good verbal and written communication skills Security certification such as SANS, E|CIH, GCIH, CISSP, or Security.

Why Lenovo? Lenovo is a US$50 billion Fortune Global 500 company, with 57,000 employees and operating in 180 markets around the world. We are #1 PC company on the planet, BCG's 50 most innovative companies, and one of Interbrand’s 100 BEST global brands. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that create a more inclusive, trustworthy and sustainable digital society.
By designing, engineering and building the world’s most complete portfolio of smart devices and infrastructure, we are also leading an Intelligent Transformation - to create better experiences and opportunities for millions of customers around the world. Learn more about why it’s great to work at Lenovo - https://www.lenovobenefits.com/why-join-lenovo
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.