General Information

Req #
Career area:
São Paulo
Friday, September 24, 2021
Working time:

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. 

And we go big. No, not big—huge.

We’re not just a Fortune Global 500 company, we’re one of Fortune’s Most Admired. We’re in 180 markets, working with 63,000 brilliant colleagues and counting. And we’re known for the world’s most complete portfolio of smart technology, from devices to software to infrastructure.

With our ingenuity, we help millions—not just the select few—experience our version of a smarter future. 

The one thing that’s missing? Well… you...

Description and Requirements

Software Security & Quality Manager

Job responsibilities will include ownership and execution of activities, which include: 
Quality Assurance, Automation and Integration, Software Security.

Will include ownership and execution activities of:
  • Quality Assurance. Responsible for the user experience and ensures that final product has all the features in the original specifications (in Agile, specs are the user histories approved by Product Owner).
  • Security Engineering - work with SW architects to ensure code completion is safe and in compliance. This person works closely with everyone to ensure the integrity of corporate data. Coordinate and execute penetration tests and plan accordingly to prevent or solve issues.
  • Automation and Integration – responsible for finding and deploying the proper tools and implementing the processes that can automate any manual tasks, specially testing and integration of the code, aiming the excellence on Agile methodologies.
  • Bachelor’s Degree in Computer Science, related area or equivalent related work experience
  • Master Degree in Computer Science or related discipline desirable
  • Six years’ experience in Computer Security with experience in secure product design, vulnerability management, ethical hacking, and product security testing
  • Performing security assessments of Windows applications - experience with mobile and Web applications are a plus.
  • Experience performing static analysis and code reviews.
  • Experience with tools used in application development (e.g., Visual Studio) and agile development processes (e.g., Confluence, JIRA).
  • Knowledge of secure coding best practices for client applications.
  • Ethical hacking/penetration testing that identifies weaknesses in applications and in the transmission and storage of data.
  • A background in software development in Java, C/C++, C# .NET and/or JavaScript is strongly desired.
  • Experience performing code reviews and reviewing the results of static analysis tools.
  • Good understanding of vulnerabilities and attack methods, with the ability to explain security issues such as privilege escalation, buffer overflows, SQLi, etc., how to identify them, and what tools are best used for each.
  • Ability to train/educate teams on secure coding best practices.
  • Experience with analyzing the security of the cloud-based interfaces that client applications may communicate with, with knowledge of technologies such as REST, and associated languages, such as Java, desirable.
  • Knowledge of and experience with applying Common Weakness Enumeration (CWE), Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE) and Open Web Application Security Project (OWASP) processes and remediation recommendations.
  • Desirable experience in multinational companies and in managing technical teams of IT Law and “Lei do Bem” projects.
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.