Lenovo

Lenovo is searching for a AI Cloud Security Architect to join our PCSD Product Security Team to help lead the secure design & development of Global Lenovo Cloud Products and to help oversee the operational security of Cloud products in production. The AI Security Architect will work with Lenovo Engineering and Product teams around the world to continuously improve the security posture of all cloud AI products and services in alignment with Lenovo Security policies, standards, and processes as well as local, regional and international AI security standards and regulations. The ideal candidate is familiar with Artificial Intelligence, cloud cybersecurity best practices and modern DevSecOps automation tools. AWS, Azure, GCP, AliBaba and AliCloud Security experiences is a plus. We are looking for someone with a security mindset who "thinks like an attacker". 

Responsibilities: 

• Perform cybersecurity control and risk assessments of proposed AI and existing AI products for compliance with Lenovo Requirements and international AI and cloud security best practices, recommending technical, administrative and physical remediations and mitigations for identified risks and vulnerabilities 
• Design and develop AI integrated cloud security architectures and perform architecture design reviews 
• Implement, maintain and improve existing industry best practices of AI security.
• Provide guidance to R&D and Product Management on defining and prioritizing development of secure AI offerings 
• Prepare and deliver training and AI security awareness activities to the Engineering teams 
• Acquire relevant knowledge, remain up to date, attend security conferences and be involved with the AI security community 
• Drive and help lead AI security strategy, tools, training, processes, and tactics

Basic Qualifications: 

• 5+ years of experience with security (security researcher, security engineer, security architect). 
• 3+ years experience in product security.
• In-Depth knowledge of Artificial Intelligence and best practices securing it.
• Bachelor’s degree in computer science or related field, or additional 5+ years of cybersecurity experience 

Preferred Qualifications:

• 5+ years of experience with AI and cloud security (security researcher, security engineer, security architect). 
• 3+ years experience with cloud product development.  
• 2+ Experience in: Infrastructure security, security SDLC, or Product Threat modeling experience 
• Experience doing code review for configuration management tools and scripting languages 
• Hand-on experience with AWS security best practices and AWS services Security standards and practices (CSA, OWASP, SANS, etc.) Security of relational databases (MySQL, MS SQL Server, Oracle) 
• Security management certificates (CISSP, CSSLP, CISM, etc.) 
• Has presented at security conferences (BlackHat, OWASP, etc.) 
• Experience with as many of these as possible; Terraform, Ansible, Jira, Bitbucket, and Confluence, Artifactory, JFrog, GitHub, Jenkins GCP and AliCloud experience 
• Security reviews for code/design/architecture and requirements.
• Cloud Security standards such as CSA CCM, ISO 27017, ISO 27018, Fedramp etc.
• Infrastructure Security and IAC Security Container Security, Docker and Kubernetes.
• Security Identity management and authentication systems and protocols (Active Directory, LDAP, SAML, RADIUS) 
• Linux/Unix and Windows OS Network architecture and security configurations 
• Ensure their accurate completion 1 or more Cloud Security Certifications such as CCSK, CCSP, or SANs Cloud Related Certs