General Information

Req #
WD00002042
Career area:
Research/Development
Country:
United States of America
State:
North Carolina
City:
Morrisville
Date:
Tuesday, September 14, 2021
Working time:
Full-time

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. 

And we go big. No, not big—huge.

We’re not just a Fortune 500 company, we’re one of Fortune’s Most Admired. We’re in 180 countries, working with 63,000 brilliant colleagues and counting. And we’re known for the world’s most complete portfolio of smart technology, from devices to software to infrastructure.

With our ingenuity, we help millions—not just the select few—experience our version of a smarter future. 

The one thing that’s missing? Well… you...

Description and Requirements

Who You’ll Work With 
At Lenovo, we manufacture one of the world’s widest portfolios of connected products, including PCs (ThinkPad, Yoga, Lenovo Legion), tablets, smartphones and workstations as well as augmented and virtual reality (Mirage, ThinkReality) and smart home/office solutions. We are also building an innovative portfolio of software and services which are changing the industry. Lenovo is creating the capacity and computing power for the connections that are changing business and society. 

About Our Team 
We are searching for a Security Development Engineer in the Security Center of Excellence for PC and Smart Devices business (PCSD). This is an exciting role where you will apply your application development skills to help build and maintain a security management portal for managing security assessments, vulnerability tracking, and other processes critical to the delivery of secure products to our customers. You’ll work with an international team of product security professionals and will have the opportunity to learn about the high-demand field of cybersecurity. The web portal is developed using PHP, so knowledge of the language and development frameworks, such as ThinkPHP, is required. Familiarity with frontend development technologies, such as HTML, CSS and JavaScript will be needed, as will knowledge of backend technologies like MySQL, Apache and Nginx. 

What You'll Do 
• Lead development of the existing web portal to meet new requirements from security engineers, project managers, users, and stakeholders 
• Ensure that the security portal meets the needs of the security team while they perform reviews, as well as development teams and project managers who will consume the results of the reviews. 
• Oversee deployment and maintenance of the portal into an on-premise cloud infrastructure • Serve as a bridge between the multiple security teams across the globe, ensuring that requirements of all teams are met. • Integrate a variety of DevSecOps tools output with the Lenovo Global Security Lab portal using the DevSecOps Tools native APIs to help automate security team processes and tasks.

Basic Qualifications: 

* Bachelor’s degree in Computer Science, Computer Engineering or related field
* 5+ years relevant experience; or master's degree
* 3+ years relevant experience; or equivalent experience 3+ years software development experience with Java, Python and PHP web applications 
* 3+ years experience in secure software development and software security testing 

Preferred Qualifications:

* Experience with PHP development Familiarity with ThinkPHP or similar development framework 
* Experience with frontend development, including HTML, CSS and JavaScript Knowledge of backend technologies, including databases, MySQL, Apache and Nginx 
* Strong written and verbal communication skills - this role requires communicating with stake holders, users, project managers, and security engineers, as well as communicating with diverse and global teams 
* Familiarity with Atlassian APIs for Jira and Confluence for importing existing datasets 
* Familiarity with a wide range of security testing tools 
* Extensive knowledge of software security vulnerability mitigation & remediation techniques 
* Strong understanding of general secure development practices: code review, static analysis, dynamic analysis, and tools for SAST, DAST, IAST, Threat Modeling, etc. 
* Extensive knowledge of OWASP security practices and tools 
* Familiarity with a variety of DevSecOps tools Testing Automation Experience 
* Extensive experience with CVSS, CVE, CWSS, CWE software vulnerability and software weakness scoring 
* Experienced with Agile development methodology, processes and tools 
* Mandarin Fluency

When you join our team, we will provide the opportunity to make an impact and grow your career in a global technology company. Some of the benefits of working at Lenovo include a flexible vacation policy, competitive health, dental and vision coverage, 401K match, various onsite amenities such as fitness and wellness centers, banking, onsite eateries, and much more. Check out our [1] benefits website to learn more! https://www.lenovobenefits.com/Aren’t ready to apply or have additional questions? Feel free to connect with us on LinkedIn or reach out to [2] campushiring@lenovo.com

To learn more about our university programs and register to attend an upcoming information session or event, please visit: https://ripplematch.com/company/lenovo/
#LI-RGI
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.