General Information

Req #
Career area:
Hardware Engineering
United States of America
North Carolina
Monday, October 4, 2021
Working time:

Why Work at Lenovo

Here at Lenovo, we believe in smarter technology for all, so we spend our time building a society that’s brighter and more inclusive. And we go big. No, not big—huge. 

We’re a US$60 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day and together create a more inclusive, trustworthy and sustainable digital society for everyone, everywhere. 

The one thing that’s missing? Well… you...

Description and Requirements

What You’ll Do:

This position is for a DevSecOps Team Lead in the Security Center of Excellence for the Global PC and Smart Devices Business (PCSD). This is an exciting role where you will be working with a global team of development engineers and security professionals. You will work with multiple business units and DevOps teams to implement, configure and administer DevSecOps tools in CI/CD pipelines. You will be working alongside the best security teams in the industry. You’ll be keeping up to date with the latest DevSecOps technology and trends and you’ll have the opportunity to make a big impact on the largest PC company in the world. You should be known for taking initiative to do what needs to be done. You must have excellent organizational skills and you should thrive in a fast-paced environment with multiple partners and projects

As a lead member on the team, you will be mentoring and coaching other team members on your immediate team and other business unit’s DevOps and Development team members. You’ll work closely with other BU’s DevOps teams assisting implementing and maintaining security tools and processes. You’ll be researching and recommending the latest DevSecOps technologies to ensure Lenovo’s CI/CD pipelines remain as secure as possible. You’ll ensure that proper metrics are in place to show improvements in our processes and to identify gaps.

In Summary you will:

·       Implement, Integrate, and Maintain tools with your team and other BUs.

·       Identify areas of improvements to our CI/CD pipelines.

·       Research and recommend new tools, processes, and techniques.

·       Work as a Team Leader, coaching and mentoring other members of the team.

·       Collect and report on KPIs and other metrics.

·       Ensure Lenovo stays a leader in DevSecOps tools, techniques, and processes.

Position Requirements

Basic Qualifications:

·       Bachelor’s degree in a relevant field or equivalent relevant experience

·       5+ years of cybersecurity experience

·       3+ years of DevSecOps experience

·       2+ years of acting in a team lead capacity

·       2+ years of mentoring and coaching others in technical roles.

·       In-depth knowledge of public cloud providers, especially AWS.

·       Experience with implementing and maintenance DevSecOps tools.

·       Strong written and verbal communications and interpersonal skills

·       Ability to work independently as well as function as an integral part of a team, take initiative and ownership in a fast-paced environment

·       Ability to successfully work across regions and functions to solve problems and get things done

Preferred Qualifications:

·       Experience with Contrast, Anchore, PrismaCloud, Coverity, Checkmarx, Defensics, Synk, Fossa, jFrog, Jenkins, Jira, Confluence, and Bitbucket etc..

·       Experience with SAST, DAST, IAST Fuzzing and RASP tools and implementing them in a CI/CD pipeline.

·       Experience working with developers and as a developer.

·       Knowledge of Agile processes.

·       Experience implementing new solutions and tools.

·       Experience implementing and recording appropriate metrics to reflect an accurate picture of progress to management.

·       Ability to successfully work across regions and functions to solve problems and get things done

·       ISC2 Certifications such as Certificated Information System Security Professional (CISSP), and Certified Cloud Security Professional (CCSP)

·       SANS Certifications such as GIAC Cloud Security and DevSecOps Automation (GCSA), and GIAC Cloud Penetration Tester (GCPN).

·       Public Cloud Provider certifications such as AWS Solutions Architect, AWS Certified Security Specialty, Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Azure Security Engineer Associate, and GCP: Professional Cloud Architect.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any federal, state, or local protected class.