General Information

Req #
WD00031748
Career area:
Hardware Engineering
Country/Region:
China
State:
Beijing
City:
北京(Beijing)
Date:
Tuesday, June 14, 2022
Working time:
Full-time
Additional Locations: 
* 北京(Beijing) - Beijing - China

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology that builds a brighter, more sustainable and inclusive future for our customers, colleagues, communities, and the planet.

And we go big. No, not big—huge.

We’re not just a US$70 billion revenue Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re transforming the world through intelligent transformation, offering the world’s most complete portfolio of smart devices, infrastructure, and solutions. With more than 71,500 employees doing business in 180 markets, we help millions—not just the select few—experience our version of a smarter future.

The one thing that’s missing? Well… you...

Description and Requirements

1. Responsible for the security test of the company's products, propose a repair plan and assist related personnel in repair;

2. Participate in the establishment and improvement of relevant product security regulations and procedures;

3. According to the current status of product security, discover potential security risks, conduct penetration testing and exploit vulnerabilities on PCs, tablets, mobile phones, and IOT smart hardware products, and promote the implementation of security requirements in products;

4. Manage the existing tools in the CSL

5 Carry out security standard training for development and testing personnel to improve safety risk prevention capabilities;

6. Responsible for the construction of automated vulnerability mining tool platform and the construction of threat intelligence system.


Job Requirements:

Basic items:

1. More than 6 years of security experience;

2. Familiar with at least one development language such as python, Java and PHP;

3. Sensitive to security vulnerabilities, good at discovering hidden dangers or security vulnerabilities in products;

4. Have independent experience in vulnerability mining research and analysis, not limited to web vulnerabilities, system vulnerabilities, and application vulnerabilities

5. Have some insights into the vulnerabilities principles and utilization methods of various Web, APP, BIOS, OS, UEFI, Linux, FW, SW, hardware, and IOT products, and be familiar with common security vulnerabilities solutions;

6. Have good plan execution ability and problem-solving ability, have a high degree of work responsibility, good team consciousness and coordination and cooperation ability.

bonus:

1. Those engaged in IOT BIOS UEFI OS FW security-related research are preferred;

2. Participated in a large CTF and achieved an excellent ranking or submitted high-risk vulnerabilities in CVE/CNVD/CNNVD preferred;

3. Holders of CISSP are preferred;

4. Have good communication skills, coordination skills, understanding skills, and have a strong sense of responsibility and team management skills. Those who can withstand a certain intensity of work pressure are preferred.

* 北京(Beijing) - Beijing - China