Lenovo

Lenovo Infrastructure Solutions Group’s (ISG) Product Security Office (PSO) is seeking a passionate software developer with experience in supporting internal teams through custom-built tools and automation.  This isn’t a traditional software development position working on focused aspects of a larger program day-in, day-out.  Instead, the successful candidate will engage in high-impact activities with business unit-wide visibility that make Lenovo ISG product security initiatives more effective, such as developing, enhancing, and/or implementing full-stack software applications and utilities; automating processes; assisting with secure software development lifecycle projects; and working with users to troubleshoot and resolve issues.

This is a backfill for an existing position which supports Lenovo ISG’s growing and evolving product security needs, joining an established team responsible for securing an expanding product portfolio.  This position is well suited to candidates that thrive on solving new and unique problems, identifying and planning for future requirements, working with varied technologies, and taking ownership of technical solutions.  Development activities are the primary focus and expected to comprise 80%+ of duties.

Primary responsibilities:

• Lead tool customization and internally build application development activities from identifying requirements, full-stack development, testing, and user support
• Assess and understand existing products or solutions while assuming ownership for their maintenance and future development
• Work with security engineers, security architects, developers, and leadership, to align with continually evolving business and market needs and expectations
• Adhere and contribute to security best practices, standards, requirements, secure software development processes, etc.
• Maintain an open, thoughtful, respectful, and collaborative team environment
• Interface with cross-functional teams and technical resources to provide user support and gather feedback
• Support secure development lifecycle initiatives
• Proactively provide for continuous procedure and process improvement

Position Requirements

Basic Requirements:

• Bachelor’s degree in Computer Science, Management Information Systems, or similar technical degree
• Non-degree candidates with additional years of relevant work experience
• 5+ years of industry experience in a full stack software development role with relevant degree
• 3+ years software development experience in Python and JavaScript
• Web-based development experience using frameworks such as Flask, Angular JS, Node JS, etc.

Preferred Requirements:

• Software development experience in other Object-Oriented Programming Languages
• Digital Certificate, HSM, code signing, and practical cryptography experience using tools like OpenSSL
• Linux and/or Windows operating system administration
• Hardware configuration and troubleshooting
• Knowledge of TCP/IP networking fundamentals
• Practical knowledge and use of SQL for development
• Good grasp of using, implementing, and documenting REST APIs
• Knowledge of secure software development fundamentals
• Gather and define development requirements to meet process requirements
• Experience with interpreting requests from technical internal stakeholders into priorities and project milestones
• Application installation, configuration, security hardening, and user support activities

Key Personal Traits:

• Able to cultivate collaborative relationships; navigate sometimes contentious situations; and successfully resolve conflicts – all with respect, equity, and professionalism
• Comfortable working toward what may be loosely defined objectives, clarifying and solidifying those objectives along the way
• Team player, self-starter and entrepreneurial spirit
• Receptive to feedback and guidance from colleagues
• A critical thinker and problem solver, who is naturally curious and a consummate learner
• A good communicator with strong verbal and written presence, capable of clearly explaining and documenting security needs
• Ability to think analytically, gain insight and extrapolate information to reach decisions and offer guidance across different contexts
• Adept at multi-tasking and achieving results in what can be a high-pressure environment while adapting to fluid business demands
• Self-motivated and desire to independently drive the maturity of solutions
• Persistent, keeping end goals in mind, being mindful of opportunities as they present themselves, and appreciating that “not today” doesn’t mean “not ever”

Travel:

• 5% (travel typically not needed, but possible on occasion)